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Description of the Invention: 

...the web page. Preferably, the client program 124 or the data server 
140 checks to verify the entered name is actually present on the web 
page. The bubble 310 includes a.. .FIG. 5, the client toolbar web page 608 
preferably includes Document Object Model (DOM) manipulation code 522 
in the form of Javascript. The DOM manipulation code 522 is executed to 
add the web page embedded product elements 220 (FIG. 2A) adjacent 
product representations on the displayed web page 602 by manipulating the 
web browser's DOM. The DOM manipulation code 522 can also be used to 
make other ...0080] The toolbar code 524 is also preferably configured 
to create bubbles such as the bubble 310 of FIG... 

...is viewed by the user. The client bubble web page 532 may also contain 
client bubble code 534, ...identification is preferably included in 
the client toolbar web page 608 in the form of embedded code , which 
is preferably Javascript. The embedded code , which preferably 
includes the DOM manipulation code 522 and the toolbar code 524, will 
be described in greater detail in conjunction with subsequent steps. If 
the data.. .scenario, the client program displays the product-identifying 
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display elements, such as the web page embedded product elements 220 of 
FIG. 2A, adjacent representations of the associated products on the 
displayed... 

...the displayed web page. In this scenario, the client program preferably 
executes the DOM manipulation code 522 embedded in the client toolbar 
web page 608 to add the display elements to the web... 
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Fulltext Word Count: 25330 

Summary of the Invention: 

...on Month Day, 1998 [future issuance number and date to-be 
determined ]. 
[... 

...remotely via a communications network (e.g., LAN or WAN) so that a 
remotely located, authorized persons can quickly access the data when 
needed... 

...OTF) decryption and re-encryption system which conveniently decrypts and 
re-encrypts file data for authorized users on an as needed basis... 

...is possible, however, that security may be inadvertently breached by the 
unwitting actions of an authorized user. The authorized user may have 
properly logged into the system and provided all the appropriate 
passwords which... 

...example, suppose that after properly logging into the system and 
providing all appropriate passwords, the authorized user decides to 
connect via the Internet with a Web site or a like source 

Description of the Invention: 

...other basic re-bootings of the system. The ROM data may specify an 
OS-readable, unique serial number for the computer. The computer system 
100 may also include a real-time... 
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...various kinds of encrypted and plaintext data. Part of that data 
represents a list of authorized users (INCLUDED USER's LIST) as will be 
detailed below. Another part of that data... 

...0064] As further seen in FIG. 1, disk subsystem 150 stores: (a) a 
bubble - based algorithm 154 for providing access approval or denial to 
access requests presented via various kinds... 

...yet further stores: (j) one or more bubble-lists 162 that are used by 
the bubble - based algorithm 154 for providing access approval or 
denial to access requests presented via various kinds... 

...an encrypted form (ciphertext form) except for times when it is being 
legitimately used by authorized users. At such times, the decrypted 
data 175 should be kept only in volatile memory... 

...is employed, the executing program or OS component of intercept step 201 
is tested for bubble - based approval or denial by the program 
approving/den \ ing algorithm 154. One such algorithm is shown.. .is made of 
the Excluded Directories List(s) of memory region 155 (FIG. 1) to 
determine whether the requested file is 'contained' in a directory that 
is identified as an excluded... 

...0111] At test step 220, it is determined if a decrypted version (real 
or phantom) 161d of the file data has already been... 

...apparently-available? test 220 is Yes, control passes to test step 222 
where it is determined if the current file-OPEN request issued at the 
behest of an OTF recryption module... 

...security label further includes a list that defines a valid user 
identification number for each authorized user. The OS or another 
interacting software module is expected to furnish a matching user... 

...security label is formed by encrypting the plaintext of the needed 
decryption key using the authorized user's public key pursuant to a 
so-called public-key/private-key encryption system... 

...such a public-key/private -key encryption system.) Accordingly, the 
private key of the same authorized user must be obtained in order to 
decrypt the encrypted key string corresponding to that... 

...the current file requester (obtained from the OS) can be compared 
against the list of authorized users within the file's security label 
to see if there is a match. Also... 

...or additionally, other security tests can be performed in step 226 as 
deemed appropriate to determine whether the requesting user and/or the 
requesting application program have valid access rights... 

...0131] If the result at the access-rights verification step 226 is 
negative (No), then control is passed to point B3 where the intercept... 

...0132] If the result at the access-rights verification step 226 is 
instead positive (Yes), then control passes to a decrypting process such 


...and a decrypted version 161d of the requested file data is made 


EIC3600 SEARCH RESULTS 


5 


5/6/2009 


available to the authorized requester. If volume-encryption is being 
used as an additional protection, the OTF software is... 

...subsystem directory 151 and overwriting the original file name (e.g., 
"AA.XLS') with a unique new file name (e.g., "JAN... 

...0137] In one embodiment, the unique new file name is selected as 
follows. The current time and/or current date is used to generate a 
unique alpha-numeric string (e.g., "JAN... 

...test and revise procedure is repeated until there is no collision. Then 
the non-colliding unique alpha-numeric string (e.g., "JAN... 

...of security methods including the above-mentioned method of encrypting 
the decryption key with the authorized user's public encryption key... 

...or to a hash of such data. A corresponding public key is afterwards used 
to authenticate the signature by comparing the decrypted signature (the 
version decrypted with the public key) against the stored data or a hash 
thereof. In one embodiment, the last authorized user to edit the file 
is defined as the master of the file 161 and his/her private/public key 
pair is used respectively to sign and authenticate the plaintext. In an 
alternate embodiment, the private/public key pair of the system 
administrator is used respectively to sign and authenticate the 
plaintext. The private/public key pah of another entity may yet 
alternatively be used to respectively to sign and authenticate the 
plaintext... 

...causing programs. The MS-Windows95(TM) protocol wherein asterisks (*) 
are used for multi-character wild cards {including no characters} and 
question marks (?) are used as single-character wild cards may be used. 
The example at 320b f*GEN*.XLS') accordingly identifies the class of 
file... 

...and the master program under whose supervision the slave was loaded. 
Section 311c (MASTER/SLAVE) determines which of these proximity-of 
causation designations is to be queried for from the OS... 

...matches per the MASTER/SLAVE qualification of section 3 1 1 c, then section 
3 lid is consulted to determine if the response to the name and 
type-of-causation matches should be an approval. ..a file-copying 
primitive-function such as COPY.DLL'. In other words, it has been 
determined that "C:\*COPY*.DLL' has no business trying to access a file 
whose name satisfies... 

...DENY and the alert level is that of the current default. This means that 
no authorizing match has been found in the causation-query branch of 
target-query record 320 and... 

...step 450 continues along path 451 to test step 455. In step 455 it is 
determined whether the file -name extension (e.g., the last character 
string following the last period... 

...in step 421, the process continues on to step 422. In step 422, it is 
determined by reading the APPROVE/DENY section (e.g., 3 lid) of the 
matched box, what the... 
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...Temporal and/or geographic approval/denial follows a similar scheme. OTF 
recryption will) plaintext signature authentication is an optional 
additional level of protection... 

...If slow path 5 1 1 is followed, a test is carried out in step 502 to 
determine if the read primitive is directed to an area of the volume 
(e.g., of... 

...If slow path 561 is followed, a test is carried out in step 552 to 
determine if the write primitive is directed to an area of the volume 
that is excluded... 

...intercept of such an file-OPEN request, THREAD-1 proceeds to step 712 
where it determines whether decryption is necessary for the 
to-be-opened file. If decryption is deemed necessary... 

Exemplary or Independent Claim(s): 

...interceptable file-OPEN requests; (b) selective OPEN continuance 
means, responsive to the intercept means, for determining whether 
an intercepted file-OPEN request is requesting an open of a file for 
which... 

...identity of a requesting program, (b.l) said selective OPEN continuance 
means being further for determining , if the access request is not 
denied on the basis of said identity of the... 

...to the operating system; (c) plaintext tracking means, responsive to the 
selective continuance means, for determining whether a plaintext 
version of the sometimes encrypted data of the requested file already 
exists... 

...and (d) a decrypting mechanism, responsive to the plaintext tracking 
means such that on a determination that a plaintext version of the 
sometimes encrypted data of the requested file does not... 

...kept encrypted most of the time; said method comprising at least the 
step of: (a) determining whether an intercepted file-OPEN request 
is requesting an open of a file for which... 

...requesting program; said method further comprising one or more of the 
following steps if said determining step does not generate an 
access denial decision: (b) using file-exclusion lists to block... 

...request caused by one or more causation-events for access to targeted 
data having a unique identity; (b) first testing the identity of 
the targeted data for satisfaction of a predefined... 

Non-exemplary or Dependent Claim(s): 

...conveying apparatus of claim 33 wherein (b.l) said predefined 
target-query condition includes wild card designations for 
specifying the identity of a satisfying target... 

...conveying apparatus of claim 33 wherein (c.l) said predefined 
causation-query condition includes wild card designations for 
specifying the identity of a satisfying causation event... 
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SYSTEM FOR INTERCEPTING FILE ACCESSES AND FOR AUTOMATIC DECRYPTION AND 
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Detailed Description 

Claims 


Detailed Description 
... Patent 5,xxx„xxx on 

Month Day, 1998 [future issuance number and date to-be 
determined ]. 

3. Description of the Related Art 

As knowledge of computers grows; and as use of.. .remotely via a 
communications network (e.g., 

LAN or WAN) so that a remotely located, authorized 
persons can quickly access the data when needed. 

The above-identified U.S. patent 5... 

...OTF) decryption 
and re-encryption system which conveniently decrypts and 
re-encrypts file data for authorized users on an asneeded basis. 
It is possible, however, that security may be 
inadvertently breached by the unwitting actions of an 
authorized user. The authorized user may have properly 
logged into the system and provided all the appropriate 
passwords which... 

...example, suppose that 
after properly logging into the system and providing all 
appropriate passwords, the authorized user decides to 
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connect via the Internet with a Web site or a like 

source. ..and other basic rebootings of the system. The ROM data may 

specify an OS 

readable, unique serial number f or the computer. The 
computer system 100 may also include a real...various 
kinds of encrypted and plaintext data. Part of that data 
represents a list of authorized users (INCLUDED USER's 
LIST) as will be detailed below. Another part of that 
data...l61 and 162. 

As further seen in Fig. 1, disk subsystem 150 
stores: (a) a bubble - based algorithm 154 for providing 
access approval or denial to access requests presented 
via various kinds... 

...yet 

further stores: (j) one or more bubble-lists 162 that 
are used by the bubble - based algorithm 154 for providing 
access approval or denial to access requests presented 
via various kinds.. .form 

(ciphertext form) except for times when it is being 
- 15 

legitimately used by authorized users. At such times, 
the decrypted data 175 should be kept only in volatile 
memory.. .is employed, the 

executing program or OS component of intercept step 201 
is tested for bubble - based approval or denial by the 
program approving/denying algorithm 154. One such 
algorithm is shown., .is made of the Excluded Directories List(s) of 
memory region 155 (Fig. 1) to determine whether the 
requested file is 'contained' in a directory that is 
identified as an excluded.. .passes to step 
220 by way of connection B 1 . 

At test step 220, it is determined if a decrypted 
version (real or phantom) 16 Id of the file data has 
already been... apparently 

available? test 220 is Yes, control passes to test step 

222 where it is determined if the current file -OPEN 

request issued at the behest of an OTF recryption 

module. ..security label further includes a 

list that defines a valid user identification number for 

each authorized user. The OS or ...security label is formed by 

encrypting the plaintext of 

the needed decryption key using the authorized user's 
public key pursuant to a so-called public-key/private 
key encryption system... 

...such a 

public-key/private -key encryption system.) Accordingly, 
the private key of the same authorized user must be 
obtained in order to decrypt the encrypted key string 
corresponding to that... 

...the current file requester 
(obtained from the OS) can be compared against the list 
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of authorized users within the file's security label to 

see if there is a match. Also be performed in step 226 as deemed 

appropriate to 

determine whether the requesting user and/or the 
requesting application program have valid access rights. 

If the result at the access-rights verification 

step 226 is negative (No), then control is passed to 
point B3 where the intercept routine forces a 'failed 
file-open, to occur. 

If the result at the access-rights verification 

step 226 is instead positive (Yes), then control passes 
to a decrypting process such as... 

...and a decrypted version 16 lei of the requested tile data 
is made available to the authorized requestor. If 
volume-encryption is being used as an additional 
protection, the OTF software is... 

...subsystem directory 151 and 
overwriting the original file name (e.g., 'AA.XLSI) with 
a unique new file name (e.g., 'JAN 98,001 1). 
In one embodiment, the unique new file name is 
selected as follows. The current time and/or current 
date is used to generate a unique alpha-numeric string 
(e.g.,, 'JAN 98.001 1) conforming to the file-naming 
-33 

protocol.. .test and revise 

procedure is repeated until there is no collision. Then 
the non-colliding unique alpha-numeric string (e.g., 
'JAN 98.0021) is used as the new name for... 

...of security methods including the above 
mentioned method of encrypting the decryption key with 
the authorized user's public encryption key. 

Step 245 is optional as indicated by the dashed, 

alternate... or to a hash of such data. A corresponding public key is 

afterwards used to authenticate the signature by 

comparing the decrypted signature (the version decrypted 

with the public key) against the stored data or a hash 

thereof. In one embodiment, the last authorized user to 

edit the file is defined as the master of the file 161 

and his/her private/public key pair is used respectively 

-35 

to sign and authenticate the plaintext. In an alternate 
embodiment, the private/public key pair of the system 
administrator is used respectively to sign and 
authenticate the plaintext. The private/public key pair 
of another entity may yet alternatively be used to 
respectively to sign and authenticate the plaintext. 

If signature test 245 is passed, control is 

afterwards transferred to step 250. ..causing programs. The MS-Windows95 
TM 
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protocol wherein asterisks (*) are used for multi 
character wild cards {including no charactersl and 
question marks (?) are used as single -character wild 
cards may be used. The example at 320b ('*GEN*.XLSI) 
accordingly identifies the class of file. ..and the master program under 
whose 

supervision the slave was loaded. Section 311c 

(MASTER/SLAVE) determines which of these proximity-ofcausation 
designations is to be queried for from the OS. 

If... 

...matches per the 
MASTER/SLAVE qualification of section 3 1 1 c„ then section 
3 lid is consulted to determine if the response to the 
name and type-of-causation matches should be an approval. ..a file-copying 
primitive - function 

such as 'COPY.DLL'. In other words, it has been 
determined thatIC: 
*COPY*.DLLI has no business tiying 

to access a file whose name satisfies.. .step 450 continues along path 

451 to test step 455. In step 455 it is determined 

whether the file-name extension (e.g., the last 

character string following the last period...in step 421, the process 

continues on to 

step 422. In step 422, it is determined by reading the 
APPROVE/DENY section (e.g., 31 Id) of the matched box, 
what the.. .Temporal and/or 

geographic approval/denial follows a similar scheme. OTF 
recryption with plaintext signature authentication is an 
optional additional level of protection. 

Volume-encryption is a yet further, optional 
additional... 
...If slow path 511 is 
followed, a test is carried out in step 502 to determine 
if the read primitive is directed to an area of the 
volume (e.g., of.. .intercept of such an file-OPEN request, 
THREAD- 1 proceeds to step 712 where it determines 
whether decryption is necessary for the to-be-opened 
file. If decryption is deemed necessary... 

Claim 

... b) selective OPEN continuance means 
[202,2 10,. 2 12,2 141, responsive to the intercept means, for 
determining whether an intercepted file-OPEN request is 
requesting an open of a file for which... 

...identity of a requesting program, 
(b.l) said selective OPEN continuance means being 
further for determining , if the access request is not 
denied on the basis of said identity of the. ..the operating system; 
(c) plaintext tracking means [2201, responsive to 
the selective continuance means, for determining whether 
-69 

a plaintext version of the sometimes encrypted data of 
the requested file already... 
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...d) a decrypting mechanism [2401, responsive to the 

plaintext tracking means such that on a determination 

that a plaintext version of the sometimes enciypted data 

of the requested file does not... 
...kept encrypted most of the 

time; said method comprising at least the step of: 

(a) determining [2021 whether an intercepted file 
OPEN request is requesting an open of a file for... 

...requesting program; 
said method further comprising one or more of the 
following steps if said determining step does not 
generate an access denial decision: 

(b) using file-exclusion lists to block.. .caused 

by one or more causation-events for access to targeted 
data [161d] having a unique identity; 
(b) first testing [4111 the identity of the targeted 
data for satisfaction of a... 

...1061 of 
Claim 33 wherein 

(b.l) said predefined target-query condition [320b] 
includes wild card designations for specifying the 
identity of a satisfying target. 

36 The instruction conveying apparatus [1061 of 
Claim 33 wherein 

(c.l) said predefined causation-query condition 

[321b] includes wild card designations for specifying the 

identity of a satisfying causation event. 

37 The instruction conveying... 

32/3,K/4 (Item 1 from file: 275) 

DIALOG(R)File 275:Gale Group Computer DB(TM) 
(c) 2009 Gale/Cengage. All rts. reserv. 

01251888 SUPPLIER NUMBER: 06884081 (USE FORMAT 7 OR 9 FOR FULL TEXT) 
Mass-storage options rise to the challenges of size, ruggedness. (includes 
related article on bubble memory) 

Williams, Tom 

Computer Design, v27, nl3, p83(7) 
July, 1988 

ISSN: 00 1 0-4566 LANGUAGE: ENGLISH RECORD TYPE: FULLTEXT; ABSTRACT 
WORD COUNT: 2446 LINE COUNT: 00193 

...ABSTRACT: 2Mbytes. Lithium battery-backed removable CMOS memory 
cartridges are offering similar capacities and lower cost. Credit card 
-sized memory cards are also offering battery-backed memory for such 
functions as removable RAM... 

let system integrators easily incorporate bubble storage into their 
design. In addition, Magnesys produces custom bubble - based storage 
subsystems. According to Bill Morrison, vice-president of sales and 
marketing at Magnesys, bubble ...modules. Such memory modules come in two 
basic configurations: preintegrated units with standard interfaces and 
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credit - card -sized devices with connector pins. The card-sized devices 
require the system designer to implement... 

...memory may be the answer. 

A more compact form of battery-backed memory is the credit - card 
-sized memory card. Memory cards are modules containing SRAM chips, control 
circuitry and a long...s available in either 3-1/2- or 5-1/4-in. form 
factors. It attaches as an external unit to NEC or Toshiba laptops via 
proprietary cabling for backup operations... 
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Assignee: Unassigned 

Unassigned Or Assigned To Individual (Code: 6X000) 
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Fulltext Word Count: 8199 

Summary of the Invention: 

...capability of magnetically storing information, has more recently 
emerged as a valuable product for facilitating financial services 
primarily. Cards with an IC microprocessor embedded inside and with 
external contacts for communication with an interface device are known 
commonly as... 

...which is the logical opposite of an identifier is used. The conventional 
use of an identifier requires that an AND identification exist in 
order to allow a program to be run. In the disclosure of Geronimi... 

22/3,K/41 (Item 36 from file: 654) 
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(c) Format only 2009 Dialog. All rts. reserv. 

4383812 **IMAGE Available 
Derwent Accession: 1998-542895 
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M/ Countable electronic monetary system and method 

Inventor: Teicher, Mordechai, Kfar Saba, IL 

Assignee: Cardis Enterprise International N.V.(03), Curacao, AN 
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Law Firm: Darby & Darby 

Publication Application Filing 

Number Kind Date Number Date 


Main Patent US 61 19946 A 20000919 US 9850388 19980303 
Priority IL 120585 19970401 


Fulltext Word Count: 22523 

Description of the Invention: 

...consumers for payment. Payment card 2 is either in the well-known 
form of a credit - card -like plastic card with an embedded chip, or 
in any other form, such as key-chain, toll-payment transponder, or part 
...In general, also, a received electronic cash file contains transaction 
records with a transferring device identification field which contains 
the identifier for the device that transferred the electronic cash. 
Transferring devices include, but are not limited... 
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Fulltext Word Count: 7326 

Description of the Invention: 

...security tokens. Currently, smart cards have the approximate look 
and feel of a standard plastic bank card . However, the smart card is 
embedded with a secure (tamper-resistant) silicon chip. The smart card 
holds information in electronic form... 

...FIG. 1 depicts the preferred embodiment of the disclosed methodology for 
providing fingerprints authentication via a credit card form 
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factor. A card 102 (with a credit card form factor) is partially inserted 
into... 

...transmitting an identifier stored in said module which uniquely 
identifies said module; entering a personal identification number; 
checking said identifier , personal identification information, and 
image against said authentication data... 
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MainPatent US6611812 A 20030826 US 99376102 19990817 
CIP US 6389538 A US 98177096 19981022 

CIP US 6226618 A US 98133519 19980813 


Fulltext Word Count: 50606 

Description of the Invention: 

...by the Electronic Digital Content Store(s) 103 and what parts are 
retained in the embedded Metadata SC(s) 620... 

...Digest Algorithm ID —An identifier of the algorithm used to compute 
the digests of the parts... 

...Digital Signature Alg ID -An identifier of the algorithm used to 
encrypt the digest of the concatenated part digests. This encrypted... 

22/3,K/l (Item 1 from file: 15) 

DIALOG(R)File 15:ABI/Inform(R) 

(c) 2009 ProQuest Info&Learning. All rts. reserv. 

02938691 129038781 
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"Surveillance society" and "transparent society:" new challenges for 
society 

Rowley, William 

Spectrum v75n2 PP: 16-17 Spring 2002 
ISSN: 1067-8530 JRNL CODE: PJSG 

...ABSTRACT: would like their financial transactions to be secure. This 
could be accomplished with biometric identifiers embedded in credit 
cards . However, there is much debate about a national ID card with 
biometric identifier . Society will constantly have to weight security 
versus privacy with freedom being impacted no matter... 
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II. 


44/3,K/l (Item 1 from file: 340) 

DIALOG(R)File 340:CLAIMS(R)/US Patent 
(c) 2009 IFI/CLAIMS(R). All rts. reserv. 

10837269 2005-0075984 

E/METHOD TO MAKE TRANSACTIONS SECURE BY MEANS OF CARDS HAVING UNIQE AND 

NON-REPRODUCIBLE IDENTIFIERS 
Inventors: Bourrieres Francis (FR); Bourrieres Frank (FR); Kaiser 

Clement (FR) 
Assignee: Novatec S A FR 
Assignee Code: 55742 

Attorney, Agent or Firm: VIDAS, ARRETT & STEINKRAUS, PA., 6109 BLUE CIRCLE 
DRIVE, SUITE 2000, MINNETONKA, MN, 55343-9185, US 

Publication Application 
Number Kind Date Number Date 


US 20050075984 Al 20050407 US 2003712659 20031 1 13 
Priority Applic: FR 20031 1527 20031002 

METHOD TO MAKE TRANSACTIONS SECURE BY MEANS OF CARDS HAVING UNIQE AND 
NON-REPRODUCIBLE IDENTIFIERS 
Inventors: Bourrieres Francis ... 

... Bourrieres Frank ... 
... Kaiser Clement 

Abstract: ...4) and a remote database (5) connected to a telecommunications 
network. A unique and nonreproducible identifier (3) in the form of a 
bubble code is physically affixed to the card (2) comprising a number (4) 
contained either on... 

...magnetic strip, of a bar code, or in an electronic label. One 
representation of this identifier (6) and or (7) is stored in the remote 
database (5) at the same number (4) as that present on the medium. This 
identifier (3) constitutes an unforgeable link between the magnetic strip 
(1) and the database (5). When... 

...recorded on the card, a link authentication is performed by comparing 
the representation of the identifier stored in said database and the 
actual identifier . 

Exemplary Claim: 

...5) connected to a telecommunications network (9), characterized in 
that a unique and non-reproducible identifier (3) is physically 
integrated in the medium (2) comprising the number (4), this identifier 

(3) constitutes an unforgeable link between the number (4) located on 
the medium and information... 

...4) in the database (5), said stored information comprises at least one 
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representation of the identifier comprising an image (6) and/or a 
digital signature (7) of the unique and non-reproducible identifier 
(3), the link authentication is performed by means of a comparison 
between a representation of the identifier (6 or 7) stored in said 
database (5) and the identifier (3) located on the medium (2), and if 
there is agreement, the transaction is authorized. 

Non-exemplary Claims: 

...telecommunications network (9) according to claim 1, characterized in 
that the unique and non-reproducible identifier (3) constituting the 
unforgeable link between the number (4) recorded on the medium (2) and 
the same number (4) recorded in the database (5) is a volume-based 
identifier (3) in which are contained bubbles of random size, shape, 
and arrangement... 

...printed on the receipt of the printer ( 10), with the real, unique, and 
non-reproducible identifier (3) integrated in the medium (2) 
comprising the number... 

...5) to the number (4) recorded on the medium (2), the unit (12) captures 
the identifier and then the image of this identifier is transmitted 
to the remote database (5), a computation of the signature corresponding 
to the... 


44/3,K/2 (Item 1 from file: 345) 

DIALOG(R)File 345:Inpadoc/Fam.& Legal Stat 
(c) 2009 EPO. All rts. reserv. 

40939608 Family ID: 10939609 

<No. of Patents: 3> <No. of Countries: 2> 

<No. of Legal Status: 1> 
Patent Basic (No,Kind,Date): US 20050075984 Al 20050407 

Method to make transactions secure by means of cards having uniqe and 
non-reproducible identifiers (English) 

Patent Assignee: NOVATEC SA (FR) 

Author (Inventor): BOURRIERES FRANCIS (FR); KAISER CLEMENT (FR); 
BOURRIERES FRANK (FR) 
Record Type: Legal Status; Abstract; Cited Refs 


Patent Family: 

Patent No KdDate ApplicNo Kd Date Wk Added 
FR2860670 Al 20050408 FR 200311527 A 20031002 200514 
FR2860670 Bl 20060106 FR 20031 1527 A 20031002 200602 
US 20050075984 Al 20050407 US 2003712659 A 20031113 200516 (B) 
Priority Data (No,Kind,Date): 
FR 20031 1527 A 20031002 

All Titles: 

Method to make transactions secure by means of cards having uniqe and 

non-reproducible identifiers 
PROCEDE DE SECURISATION DE TRANSACTION A PARTIR DE CARTES PRESENTANT DES 

IDENTIFICATEURS UNIQUES ET INREPRODUCTIBLES 


ABSTRACT: 
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...and a remote database (5) connected to a telecommunications network. A 
unique and non-reproducible identifier (3) in the form of a bubble 
code is physically affixed to the card (2) comprising a number (4) 
contained either on... 

...magnetic strip, of a bar code, or in an electronic label. One 
representation of this identifier (6) and or (7) is stored in the 
remote database (5) at the same number (4) as that present on the 
medium. This identifier (3) constitutes an unforgeable link between 
the magnetic strip (1) and the database (5). When... 

...recorded on the card, a link authentication is performed by comparing 
the representation of the identifier stored in said database and 
the actual identifier. 

Abstracts: 

...and a remote database (5) connected to a telecommunications network. A 
unique and non-reproducible identifier (3) in the form of a bubble 
code is physically affixed to the card (2) comprising a number (4) 
contained either on... 

...magnetic strip, of a bar code, or in an electronic label. One 
representation of this identifier (6) and or (7) is stored in the 
remote database (5) at the same number (4) as that present on the 
medium. This identifier (3) constitutes an unforgeable link between 
the magnetic strip (1) and the database (5). When... 

...recorded on the card, a link authentication is performed by comparing 
the representation of the identifier stored in said database and 
the actual identifier. 

Cited Patents: 


44/3,K/3 (Item 1 from file: 349) 

DIALOG(R)File 349:PCT FULLTEXT 
(c) 2009 WIPO/THOMSON. All rts. reserv. 

01534571 **Image available** 

METHOD FOR CERTIFYING AND SUBSEQUENTLY AUTHENTICATING ORIGINAL PAPER OR 

DIGITAL DOCUMENTS FOR THE CONSTITUTION OF EVIDENCE 
PROCEDE DE CERTIFICATION ET D AUTHENTICATION ULTERIEURE DE DOCUMENTS 

ORIGINAUX PAPIER OU NUMERIQUES POUR CONSTITUTION DE PREUVES 

Patent Applicant/Assignee: 
NOVATEC SA, 350, Avenue d'ltalie, ZA Albasud, F-82000 Montauban, FR FR 

(Residence), FR (Nationality), (For all designated states except: US) 
Patent Applicant/Inventor: 
BOURRIERES Francis , Chemin du Quart, Les Bardonis, F-82000 Montauban, 
FR, FR (Residence), FR (Nationality), 

KAISER Clement ,321, chemin des Cabouillous, Le Carreyrat, F-82000 
Montauban, FR, FR (Residence), FR (Nationality), 

BOURRIERES Franck, Chemin du Quart, Les Bardonis, F-82000 Montauban, FR 
, FR (Residence), FR (Nationality), 
Legal Representative: 
NOVATEC SA (common-representative), 350, Avenue d'ltalie, ZA Albasud, 
F-82000 Montauban, FR 
Patent and Priority Information (Country, Number, Date): 
Patent: WO 200777324 Al 20070712 (WO 0777324) 
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Application: WO 2006FR2799 20061219 (PCTAVO FR2006002799) 
Priority Application: FR 200512985 20051221 
Designated States: 

(All protection types applied unless otherwise stated - for applications 
2004+) 

AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM 

DZ EC EE EG ES FI GB GD GE GH GM GT HN HR HU ID IL IN IS JP KE KG KM KN 

KP KR KZ LA LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MY MZ NA NG NI 

NO NZ OM PG PH PL PT RO RS RU SC SD SE SG SK SL SM SV SY TJ TM TN TR TT 

TZ UA UG US UZ VC VN ZA ZM ZW 

(EP) AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL 
PL PT RO SE SI SK TR 

(OA) BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG 

(AP) BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: French 
Filing Language: French 
Fulltext Word Count: 11953 

Patent Applicant/Inventor: 
BOURRIERES Francis , ... 

...KAISER Clement,... 
...BOURRIERES Franck 
Legal Representative: 
Fulltext Availability: 
Detailed Description 

English Abstract 

...risk of the evidence being lost. For a physical original document (8) 
associated with a bubble seal (7) there is a corresponding 
time-and-date-stamped, proprietary paperless reference counterpart. For 


...digital original document (15) there is a corresponding reference 
counterpart in the form of a bubble seal (7). 

Detailed Description 

... un precede de fabrication et d'identification d'un document ainsi que 
le dispositif pour identifier ledit document. 

L'objet de ce brevet concerne un depot aleatoire de particules finement 
divisees... 


44/3,K/4 (Item 1 from file: 351) 

DIALOG(R)File 351:Derwent WPI 

(c) 2009 Thomson Reuters. All rts. reserv. 

0015773708 - Drawing available 
WPI ACC NO: 2006-335103/200635 
XRPX Acc No: N2006-283782 

System e.g. computer, non-intrusion or object e.g. cargo, integrity 
non- violation verification method, involves connecting identifier by wire 
to site/system/object, so that tentative opening of site/system/object 
modifies identifier /wire 
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Patent Assignee: NOVATEC SA (NOVA-N); SOC NOVATEC SA (NOVA-N) 
Inventor: BOURRIERES F ; KAISER C 
Patent Family (5 patents, 112 countries) 
Patent Application 

Number Kind Date Number Kind Date Update 
FR 2877472 Al 20060505 FR 20041 1734 A 20041104 200635 B 
WO 2006048542 Al 20060511 WO 2005FR2706 A 20051027 200635 E 
EP 1810266 Al 20070725 EP 2005815185 A 20051027 200750 E 

WO2005FR2706 A 20051027 
CN 101053003 A 20071010 CN 200580037826 A 20051027 200820 E 

WO2005FR2706 A 20051027 
US 20080142671 Al 20080619 WO 2005FR2706 A 20051027 200843 E 

US 2007718205 A 20070427 
Priority Applications (no., kind, date): FR 20041 1734 A 20041104 

Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
FR 2877472 Al FR 24 6 
WO 2006048542 Al FR 

National Designated States,Original: AE AG AL AM AT AU AZ BA BB BG BR BW 
BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR 
HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG 
MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM 
SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW 

Regional Designated States,Original: AT BE BG BW CH CY CZ DE DK EA EE ES 
FI FR GB GH GM GR HU IE IS IT KE LS LT LU LV MC MW MZ NA NL OA PL PT RO 
SD SE SI SK SL SZ TR TZ UG ZM ZW 

EP 1810266 Al FR PCT Application WO 2005FR2706 

Based on OPI patent WO 2006048542 

Regional Designated States.Original: AT BE BG CH CY CZ DE DK EE ES FI FR 
GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR 

CN 101053003 A ZH PCT Application WO 2005FR2706 

Based on OPI patent WO 2006048542 

US 20080142671 Al EN PCT Application WO 2005FR2706 

...computer, non-intrusion or object e.g. cargo, integrity non-violation 

verification method, involves connecting identifier by wire to 

site/system/object, so that tentative opening of site/system/object 

modifies identifier /wire 

Inventor: BOURRIERES F ... 

... KAISER C 

Alerting Abstract ...NOVELTY - The method involves utilizing a physical 
unique and non-reproducible identifier (3), with bubbles formed by a 
chaotic process, whose representation is stored in a database. A wire is 
provided for connecting the identifier to a site/system/object, such that 
any tentative opening of the site/system/object modifies the identifier 
to render the identifier non reusable and/or modifies the wire, in a 
visible manner.... AD VANTAGE - The modification of the identifier and/or 
the wire in a visible manner, during tentative opening of the 
site/system/object, permits verification of the integrity of the 
identifier and its correspondence with its stored representation, thus 
preventing act of malice. The method thus... 

...intrusion or violation. The bubbles are formed by the chaotic process 
during manufacturing of the identifier , thus preventing reproducing of 
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the identifier in a definite way... 
...3 Identifier 


Original Publication Data by Authority 
Argentina 

Assignee name & address: 
Inventor name & address: 
BOURRIERES F ... 

... KAISER C ... 

... BOURRIERES, Francis ... 

... KAISER, Clement ... 

... BOURRIERES F ... 

... KAISER C ... 

... Bourrieres, Francis ... 

... Kaiser, Clement ... 

... BOURRIERES, Francis ... 

... KAISER, Clement 

Examiner: 

Original Abstracts: 

...consistency of object. It adopts the identifying seal and comprises the 
physical recognizer (3) with bubble produced by the chaos method of the 
manufacturing process and the recognizer has uniqueness and can not be 
copied. The representation of the bubble recognizer is stored to the 
database (17) of the local or long-range location in... 

...characteristic of which is to be always unique and non-reproducible. A 
representation of said identifier with bubbles is stored in the form of 
an image and/or digitally in a database local or remote to the address 
(17), for authentication of the assignment of the identifier in situ or 
on the object for protection. Said authenticator is provided with a 
physical... 

...characteristic of which is to be always unique and non-reproducible. A 
representation of said identifier with bubbles is stored in the form of 
an image and/or digitally in a database local or remote to the address 
(<b>17</b>), for authentication of the assignment of the identifier in 
situ or on the object for protection. Said authenticator is provided with a 
physical... 

...characteristic of which is to be always unique and non-reproducible. A 
representation of said identifier with bubbles is stored in the form of 
an image and/or digitally in a database local or remote to the address 
(17), for authentication of the assignment of the identifier in situ or 
on the object for protection. Said authenticator is provided with a 
physical.. .physique (16) permettant de le relier au lieu a proteger ou a 
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l'objet a identifier . Toute atteinte a l'integrite du scelle que ce soit 

a travers l'authentificateur et... 

Claims: 


44/3,K/5 (Item 2 from file: 351) 

DIALOG(R)File 351:Derwent WPI 

(c) 2009 Thomson Reuters. All rts. reserv. 

0015754827 - Drawing available 
WPI ACC NO: 2006-316608/200633 
XRPX Acc No: N2006-269204 

Transaction securing and object/document e.g. passport, authenticating 

method for e.g. Internet, involves comparing representation of bubbles code 

form identifier in form of image and/or digital signature stored in 

database and identifier 

Patent Assignee: NOVATEC SA (NOVA-N) 

Inventor: BOURRIERES F ; KAISER C 

Patent Family (1 patents, 106 countries) 

Patent Application 

Number Kind Date Number Kind Date Update 

WO 2006042913 Al 20060427 WO 2004FR2676 A 20041019 200633 B 

Priority Applications (no., kind, date): WO2004FR2676 A 20041019 

Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
WO 2006042913 Al FR 26 4 

National Designated States.Original: AE AG AL AM AT AU AZ BA BB BG BR BW 
BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR 
HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW 
MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR 
TT TZ UA UG US UZ VC VN YU ZA ZM ZW 

Regional Designated States.Original: AT BE BG BW CH CY CZ DE DK EA EE ES 
FI FR GB GH GM GR HU IE IT KE LS LU MC MW MZ NA NL OA PL PT RO SD SE SI 
SK SL SZ TR TZ UG ZM ZW 

...g. passport, authenticating method for e.g. Internet, involves comparing 
representation of bubbles code form identifier in form of image and/or 
digital signature stored in database and identifier 
Inventor: BOURRIERES F ... 

... KAISER C 

Alerting Abstract ...NOVELTY - The method involves physically attaching 
an identifier (3), in the form of bubbles code, to a card or label 
comprising a number (4). A representation of the identifier in the form 
of an image (6) and/or digital signature (7) is stored in a remote database 
(5) at the number. The identifier constitutes a tamper-resistant link 
authenticated by comparing the representation and the actual identifier 
(3), upon a call from the database.... AD VANTAGE - The comparison of the 
representation of the bubbles code form identifier in the form of an 
image or digital signature stored in the remote database and the actual 
bubbles code form identifier permits to secure and authorize transaction 
or validate the authentication of the objects or documents... 
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...inexpensive manner. The use of the bubbles code enables to prevent the 
dissimulation of the identifier , and constitute a dissuasion unit with 
respect to forgers who are unable to reproduce it... 

...protected by superimposition. The authentication can be performed by 
visual or automatic comparison of the identifier digital signatures or 
images... 

...3 Identifier 


Title Terms.../Index Terms/Additional Words: BUBBLE ; 

Original Publication Data by Authority 

Argentina 

Assignee name & address: 
Inventor name & address: 
BOURRIERES, Francis ... 

... KAISER, Clement 

Examiner: 

Original Abstracts: 

...comprising a number (4) and a remote database (5) connected to a 
telecommunications network. An identifier (3) in the form of code of 
bubbles self-generated in chaotic manner whereof the characteristic is to 
be... 

...in the form of a barcode, or in an electronic label. A representation of 
said identifier in the form of an image (6) and/or digital signature 
(7) is stored in a remote database (5) at the same number (4) as the one on 
the support. Said identifier (3) constitutes a tamper -resistant link 
between the magnetic track (1) or the chip or RFID or code and... 

...written on the card (2), the link is authenticated by comparing the 
representation of the identifier stored in said database (5) and the 
actual identifier (3). If they match , the transaction is authorized or 
the authentication validated. Two authentication modes arc possible: the 
first... 

...comparison of the image signatures and the second is automatic by 
automatic comparison of the identifier digital signatures. The bubbles 
code can integrate the brand logo to be protected by superimposition... 
Claims: 


44/3,K/6 (Item 3 from file: 351) 

DIALOG(R)File 351:Derwent WPI 

(c) 2009 Thomson Reuters. All rts. reserv. 

0014918049 - Drawing available 
WPI ACC NO: 2005-265740/200528 
XRPX Acc No: N2005-2 18522 

Card e.g. bank card, transaction securitization method for shop, involves 
authenticating connection between card and database by comparison between 
representation of identifier and real identifier for authorizing 
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transaction by card 

Patent Assignee: NOVATEC SA (NOVA-N) 
Inventor: BOURRIERES F ; KAISER C 
Patent Family (2 patents, 2 countries) 
Patent Application 

Number Kind Date Number Kind Date Update 
FR2860670 Al 20050408 FR200311527 A 20031002 200528 B 
US 20050075984 Al 20050407 US 2003712659 A 20031113 200528 E 

Priority Applications (no., kind, date): FR 20031 1527 A 20031002 

Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
FR 2860670 Al FR 13 2 

...method for shop, involves authenticating connection between card and 
database by comparison between representation of identifier and real 
identifier for authorizing transaction by card 

Original Titles: 

Method to make transactions secure by means of cards having uniqe and 
non-reproducible identifiers 
Inventor: BOURRIERES F ... 

... KAISER C 

Alerting Abstract ...NOVELTY - The method involves integrating a real 
identifier (3) with a card (2) having a magnetic track (1) with a number 
(4). A representation of the identifier in the form of an image (6) and 
digital signature (7) is stored in a... 

...connection between the card and database is authenticated by comparison 
between the representation of the identifier and the real identifier 
for authorizing transaction by the card.. ..3 Real identifier 


Original Publication Data by Authority 
Argentina 

Assignee name & address: 
Inventor name & address: 
BOURRIERES F ... 

... KAISER C ... 

... BOURRIERES F ... 

... Bourrieres, Francis ... 

... Kaiser, Clement ... 

... Bourrieres, Francis 

Examiner: 

Original Abstracts: 

...and a remote database (<b>5</b>) connected to a telecommunications 
network. A unique and non-reproducible identifier (<b>3<b>) in the form 
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of a bubble code is physically affixed to the card (<b>2</b>) comprising 
a number (<b>4</b>) contained either on... 
...magnetic strip, of a bar code, or in an electronic label. One 
representation of this identifier (<b>6</b>) and or (<b>7<vb>) is stored 
in the remote database (<b>5</b>) at the same number (<b>4<^b>) as that 
present on the medium. This identifier (<b>3</b>) constitutes an 
unforgeable link between the magnetic strip (<b>K/b>) and the database 
(<b>5</b>). When... 

...recorded on the card, a link authentication is performed by comparing 
the representation of the identifier stored in said database and the 
actual identifiers 
Claims: 

...5</b>) connected to a telecommunications network (<b>9</b>), 
characterized in thata unique and non-reproducible identifier (<b>3</b>) 
is physically integrated in the medium (<b>2</b>) comprising the number 
(<b>4</b>),this identifier (<b>3</b>) constitutes an unforgeable link 
between the number (<b>4</b>) located on the medium and information... 

...4</b>) in the database (<b>5</b>),said stored information comprises at 
least one representation of the identifier comprising an image (<b>6</b>) 
and/or a digital signature (<b>7</b>) of the unique and non-reproducible 
identifier (<b>3</b>),the link authentication is performed by means of a 
comparison between a representation of the identifier (<b>6</b> or 
<b>7</b>) stored in said database (<b>5</b>) and the identifier 
(<b>3</b>) located on the medium (<b>2</b>), andif there is agreement, the 
transaction is authorized. 


44/3,K/7 (Item 4 from file: 351) 

DIALOG(R)File 351:Derwent WPI 

(c) 2009 Thomson Reuters. All its. reserv. 

0010935318 - Drawing available 
WPI ACC NO: 2001-557584/200162 
XRPX Acc No: N2001-414369 

Method for identifying and authenticating objects, human beings, or 
transactions designed to optimize reading of a non reproducible identifier 
Patent Assignee: BOURRIERES F (BOUR-I); KAISER C (KAIS-I); NOVATEC SA 

(NOVA-N); SOC NOVATEC SA (NOVA-N) 
Inventor: BOURRIERES F ; KAISER C 
Patent Family (13 patents, 92 countries) 
Patent Application 

Number Kind Date Number Kind Date Update 
WO 2001057831 Al 20010809 WO2001FR322 A 20010202 200162 B 
FR 2804783 Al 20010810 FR 20001403 A 20000204 200162 E 
FR 2804784 Al 20010810 FR 200012860 A 20001009 200162 E 
AU200131967 A 20010814 AU 200131967 A 20010202 200173 E 
EP 1252616 Al 20021030 EP 2001904039 A 20010202 200279 E 

WO 2001FR322 A 20010202 
US 20030014647 Al 20030116 WO2001FR322 A 20010202 200308 E 

US 2002182967 A 20020801 
JP 2003521717 W 20030715 JP 2001557005 A 20010202 200347 E 

WO 2001FR322 A 20010202 
EP 1252616 Bl 20050907 EP 2001904039 A 20010202 200559 E 

WO 2001FR322 A 20010202 
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DE 60113232 E 20051013 DE 60113232 A 20010202 200568 E 

EP 2001904039 A 20010202 

WO2001FR322 A 20010202 
ES 2248279 T3 20060316 EP 2001904039 A 20010202 200622 E 
DE 60113232 T2 20060706 DE 60113232 A 20010202 200645 E 

EP 2001904039 A 20010202 

WO2001FR322 A 20010202 
DE 60113232 T9 20061207 DE 60113232 A 20010202 200680 E 

EP 2001904039 A 20010202 

WO 2001FR322 A 20010202 
US 7380128 B2 20080527 WO2001FR322 A 20010202 200835 E 

US 2002182967 A 20020801 


Priority Applications (no., kind, date): FR 20001403 A 20000204; FR 
20003148 A 20000313; FR 200012860 A 20001009 


Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
WO 2001057831 Al FR 23 4 

National Designated States,Original: AE AG AL AM AT AU AZ BA BB BG BR BY 
BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN 
IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX MZ NO NZ PL 
PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW 
Regional Designated States.Original: AT BE CH CY DE DK EA ES FI FR GB GH 
GM GR IE IT KE LS LU MC MW MZ NL OA PT SD SE SL SZ TR TZ UG ZW 
AU 200131967 A EN Based on OPI patent WO 2001057831 

EP 1252616 Al FR PCT Application WO 2001 FR322 

Based on OPI patent WO 200 1 05783 1 
Regional Designated States.Original: AL AT BE CH CY DE DK ES FI FR GB GR 

IE IT LI LT LU LV MC MK NL PT RO SE SI TR 
US 20030014647 Al EN PCT Application WO 2001 FR322 
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...and authenticating objects, human beings, or transactions designed to 
optimize reading of a non reproducible identifier 
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Inventor: BOURRIERES F ... 


... KAISER C 

Alerting Abstract ...NOVELTY - Reading of unique non - reproducible 
volume identifier (100) of type including mix of at least two 
distinguishable materials (110,120). Recognize internal heterogeneous 
structure in two dimensions of the identifier then show evidence to prove 
its third dimension. Show the volume disposition of material arrangement 
contained in identifier by analysis of shadows (121) generated by 
material as function of incidence angle of light with respect to the 
identifier . DESCRIPTION - The identifier contains bubbles (120). Read 
and show the volume disposition of the bubbles contained in the identifier 

(100) by successive submission, without delay of the identifier , to a 
diffused light produced by a projection (700) along two dimensions of the 
bubble contours which allows reading and coding. Then submit to 
illumination which generates a reflection at... 

...110) so as to prove its volume aspect. Show the volume disposition (800) 
of the identifier (100) by analysis of the shapes reflected by the 
bubbles (120) contained in the identifier ( 1 00) as a function of the 
illumination. The method uses a bank of lamps passing... 

...to create diffuse lighting or a single set is illuminated to create a 
beam. The identifier is a transparent material (110) whose bubbles are 
auto-generated by a thermal process during... 

...100 identifier 

Original Publication Data by Authority 
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Assignee name & address: 
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Fulltext Word Count: 4739 

Inventor: Bourrieres, Francis ... 
... Kaiser, Clement ... 

... Bourrieres, Franck 

Description of the Invention: 

...the seal of authority. There are also metal seals or plastic ones 
integrating a collar identifier appearing upon progressive tightening. 
These seals are not reusable because their destruction is irremediable 
when.. .an object or a living being. In this document, it is recommended 
to attach an identifier difficult or impossible to reproduce within the 
object or living being to identify or authenticate... 

...any case to guarantee system or protected location breeches. Indeed, the 
fact of affixing an identifier on an object does not prevent gaining 
access to the object, modifying it, analyzing it, and from replacing the 
same identifier without detection even if this is not reproducible. In 
the worst cases, it is even... 

...Document WO 01/1 1591 describes a device which makes it possible to 
identify objects. This identifier has the effect of comprising a matrix 
of lenses which generates a visual effect in... 

...0016] following the example of patent FR2848698, this identifier does 
not allow guarantee of the opening description or the intrusion of the 
object orOO 17] The identifier described in this document is 
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reproducible ad infinitum since it rests certainly on a manufacturing 
process, complex but completely controlled. Consequently the uniqueness 
of this identifier is not assured... 

...0018] The identifier is not associated with a database.. .bubbles, 
always unique and impossible to reproduce with the associated means to 
interpret it. This bubble authentic at or, although impossible to 
reproduce, cannot act alone within the framework of this invention for... 
example in the form of photography and one or more representations 
characterizing this shape of identifier are stored in a memory or a 
database either in the form of two dimensionaL.The patent EP01 904039.3 
of the same applicant and inventors suggests this type of bubble 
authenticator with a suitable reading system. In the case of this 
invention, it is a question of using this bubble authenticator in a 
particular process where the finality or goal is to block or to... 
controller by what means there was opening. Without leaving the framework 
of this invention, an identifier such as a bar code or electronic 
(RFID) can be associated with each seal, thus. ..protected location. If 
the database is not local but remote a call code constituting the 
identifier of the authenticator in the distant database is used, the 
call code can be numerical., .with the bubbles of two transparent 
authenticators, it becomes easy to compare all new relative bubble 
positions and thus to prove the opening leading to this change... 
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Fulltext Word Count: 9415 
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... Kaiser, Clement ... 

... Bourrieres, Frank 

Abstract: 
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...characteristic of which is to be always unique and non-reproducible. 
A representation of said identifier with bubbles is stored in the form 
of an image and/or digitally in a database local or remote to the address 
(17), for authentication of the assignment of the identifier in situ or 
on the object for protection. Said authenticator is provided with a 
physical... 

Description of the Invention: 

...generally bearing the hallmark of the Authority. Metal or plastic 
seals also exist integrating an identifier in the form of a plastic 
cinch-up tie. These seals are not re -usable. ..living being without a 
specific reader. In this document, it is recommended to attach an 
identifier difficult or impossible to reproduce to the object or the 
living being for identification or... 

...guarantee the non-opening of a system or a site for protection. Indeed, 
affixing an identifier on an object does not prevent having access to 
the object, modifying it, analysing it... 

...Document WO 01/1 1591 describes a device that makes it possible to 
identify objects. This identifier has the characteristic of comprising 
a matrix of lenses that generates a three-dimensional optical. ..0022] 
following the example of patent FR 2848698, this identifier docs not 
allow to guarantee the proof of the opening of or the intrusion into... 

...0023] The identifier described in this document is reproducible ad 
infinitum as it is based on a manufacturing process admittedly complex 
but mastered. Consequently the uniqueness of this identifier is not 
guaranteed... 

...0024] the identifier is not associated with a databasc.and that is 
recorded in a database, consequently, even if a person manages to steal 
identifiers , the latter would be of no use as they would not be recorded 
in the... local or remote database, To ensure the non-reproducibility of 
the physical authenticator a volumic identifier that is the result of a 
chaotic process impossible to control by man is used.. .in the form of a 
photograph and one or several representations characterizing this shape 
of identifier are stored in a memory or a database either in the form 
of a two. ..local and/or remote database with the physical authenticator 
by analysing the similarity of the bubble or heterogeneity positions. 
There are several means of viewing the image: either directly on a... 

...in which the database is remote rather than local, a call directing code 
constituting the identifier of the authenticator in the remote 
database is used, the call directing code may be...they form a complex 
which is inseparable unless said complex is broken thereby making the 
identifier unusable in this case. The free second end of the wire of 
which one of... placing an identification plate on the object and then 
concealing the mechanical system with an identifier of the type with 
bubbles, the whole being integrated into a transparent polymer of the... 

...access to the mechanical system on the one hand and/or prohibiting 
recovery of the bubble code on the other hand. The general object of 
the invention is to protect the. ..would be to identify and verify the 
coherence between a logical signature extracted from the bubble code 
and that stored in the RFTD memory. This application proves to be of much 
...end of the wire (7) is positioned between the free portions 
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non-occupied by the identifier with bubbles as illustrated in 1A. 
Thereafter and as illustrated in IB, the end (7... connection between the 
authenticator and the object for protection. A unique and 
non-reproducible volumic identifier of the type with bubbles (3) is 
incorporated into the transparent resin (12) before the. ..0050] A wire 
( 8 ) passing through the identifier ( 3) positioned and integrated upon 
production of the complex forming the seal... in a tamper-resistant manner 
by gluing or direct adherence of the material used during bubble 
generation to the support (19). Upon assembly onto the system or the site 
for protection... 

...In this example an alphanumeric code is engraved on the collar, it 
constitutes the call identifier in the database in order to verify that 
it is indeed the correct bubble code and to acknowledge the authentic 
object to which it is attached and information associated. ..not only 
identification conferred by the RFID, but very high security 
authentication conferred by the bubble code (3) during a check "in situ 
...on one same seal affixed to at least two physical elements, and the 
same call identifier then allows to verify all of the authenticators 
constituting the seal 

Exemplary or Independent Claim(s): 

...of the system or the site or the object, and that same call or address 
identifier in the database then allows to verify the association 
between the one and the other...on one same seal affixed to at least 
two physical elements, and that same call identifier then allows to 
verify all of the authenticators constituting the seal. 

Non-exemplary or Dependent Claim(s): 

...20) (23) according to claim 1, characterised in that an image of the 
transparent volumic identifier (3) is stored in a memory physically 
located within the system or the site for.. .the integrity of an 
object (20) (23) according to claim 9, characterised in that an 
identifier (17) is associated with the authenticator corresponding 
to the address thereof in the database... 

...3) of which the volume integrates a wire (8) constituting the physical 
connection between said identifier and the system or the site for 
protection and or for identification. ..in that in that the unique and 
non-reproducible physical volumic authenticator is a volumic 
identifier with bubbles (3) directly integrated into an adhesive 
label (21) comprising a base that is... 
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Fulltext Word Count: 3219 

Method to make transactions secure by means of cards having uniqe and 
non-reproducible identifiers 
Inventor: Bourrieres, Francis ... 

... Kaiser, Clement ... 

... Bourrieres, Frank 

Abstract: 

...and a remote database (5) connected to a telecommunications network. 
A unique and non-reproducible identifier (3 ) in the form of a bubble 
code is physically affixed to the card (2) comprising a number (4) 
contained either on... 

...magnetic strip, of a bar code, or in an electronic label. One 
representation of this identifier (6) and or (7) is stored in the 
remote database (5) at the same number (4) as that present on the medium. 
This identifier (3) constitutes an unforgeable link between the 
magnetic strip (1) and the database (5). When... 

...recorded on the card, a link authentication is performed by comparing 
the representation of the identifier stored in said database and the 
actual identifier . 

Summary of the Invention: 

...0004] The invention is characterized in that an always unique and 
non-reproducible identifier is physically integrated in the medium 
comprising the number, in that this identifier constitutes an 
unforgeable link between the number located on the medium and information 
stored under... 

...comprises at least one image and/or numeric signature of the unique and 
non-reproducible identifier , in that the link authentication is 
effected by means of a comparison between a representation of the 
identifier stored in said database and the identifier located on the 
medium, and in that if there is agreement between the two, the... 

...0005] Naturally, in addition to the image and/or numeric signature 
corresponding to the identifier , the database may also comprise other 
data. As non-limiting examples, this other data could... 

Description of the Invention: 

...0009] FIG. 3 represents an embodiment of a unique and unforgeable 
identifier . 


EIC3600 SEARCH RESULTS 


33 


5/6/2009 


...means of creating the non-forgeable link in accordance with this 
invention uses a physical identifier . This identifier is physically 
affixed to the unit bearing the number, for example the familiar, 
standard format, plastic card. Another characteristic of this procedure 
is brought about by the fact that the identifier is always unique and 
non-reproducible and therefore it constitutes an unforgeable link between 
the... 

...as US-2003-0014647-A1, by the same applicants and inventors, proposes a 
volume -based identifier in which three-dimensional bubbles are 
self-generated and arranged in a random manner that... 

...0011] To this end, a volume-based identifier containing 
self-generated bubbles arranged in a random and non-reproducible manner 
in a transparent substance is one means suitable to create an unforgeable 
link. Said bubble identifier , whose identical reproduction is 
impossible, is affixed on the card-type medium comprising the number. An 
image of the identifier , in which the bubbles and their form, size, and 
relative position are clearly perceived, is... 

...remote database. All one has to do is visually compare the actual and 
non-reproducible identifier affixed to the card-type medium to the 
image received. The operator can then authenticate... 

...of existing infrastructures and therefore without additional 
investments. Only the card-type media comprising the bubble 
volume-based identifier incur additional identifier -related costs. In 
this case, for the authentication to be complete, the operator must 
ensure that the identifier is three-dimensional... 

...automatic. In this case, the card comprising the number and the unique 
and non-reproducible identifier has the number and the identifier 
read by means of a reader comprising the mean(s) adapted for reading. The 
part of the reader integrating the read mode of the unique and 
non-reproducible identifier can analyze and decide on the identifier 
's characteristic elements, thereby making the identifier 
non-reproducible. It can also extract the image allowing the signature or 
code to be... 

...the database for the number recorded on the card, the integrated reader 
simultaneously captures the identifier ; the identifier 's image or its 
representation is then transmitted to the remote database and a 
computation... 

...exists and the transaction is authorized. In this case, the 
three-dimensional image of the identifier may be verified by subjecting 
it to different lighting... 

...0013] When a bubble identifier is utilized as an unforgeable link, 
the three-dimensionality of this identifier enables the generation of 
shadows and/or reflections occupying different positions as a function of 
the lighting angles. As a result, the same identifier generates a 
plurality of image signatures. These images comprising different shadows 
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or reflections may be... 


...database and used depending on the security level required in 
transactions. For example, when the identifier is read, the reader may 
capture an image from one lighting angle and request the... 

...0014] If the unforgeable identifier is comprised of self-generated 
bubbles, it is preferable to record the number on the... 

...matrix-type code. Thus, the same optical reader device will be able to 
read the identifier 's image and the number stored in the 
two-dimensional code. In this case, one would therefore preferentially 
arrange the identifier and the two-dimensional code in a preferential 
manner on the card, in such a... 

...0015] In order to authenticate an identifier , we can access the 
database with a mobile phone. In that case, the address number... 

...database through the keyboard of said phone and by return the picture 
image of the identifier is sent back onto the phone display. The 
operator can then authenticate by checking the match between the picture 
signature on the display and the identifier . In case of a three 
dimensional identifier , the operator will also have to check the 
volumic aspect of the later... 

...the last generation of mobile phones equipped with digital cameras can 
be used as an identifier reader... 

...2) that may be an ISO-format magnetic strip plastic or paper card 
comprises an identifier (3), whose characteristic elements are always 
unique and unforgeable, is physically affixed to it. The... 

...radio at the same number (4) as that recorded on the magnetic strip (1). 
This identifier (3) constitutes the unforgeable link, due to its 
uniqueness and non-reproducibility, between the magnetic... 

...same number (4) located in the database (5) to which corresponds a 
representation of said identifier in the form of an image (6) and a 
digital signature (7). To validate a... 

...certainty at the time of a call (9), one must establish agreement 
between the physical identifier (3) and one of its image (6) or digital 

(7) representations in the remote database... 

...a magnetic reader (8) a card (2) provided with a magnetic strip (1) and 
a bubble identifier (3) whose characteristic feature is that it is 
always unique and non reproducible. After reading... 

...10) on which the image (6) appears. The operator makes a visual 
comparison between the bubble identifier (3) and its image (6) 
displayed on the terminal (1 1) and/or on the receipt... 

...0019] In the automatic mode, a card (2), bearing a magnetic strip (1) 
and a bubble identifier (3) characterized by always being unique and 
non reproducible, is inserted into a device comprising a magnetic reader 

(8) and a bubble identifier -capturing device. When the capturing 
device (12) finishes reading the number (4) contained on the magnetic 
strip and reading the volume-based authentication of the bubble 
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identifier (3), the image is captured and sent via (9) toward the 

database (5) to the... 

...may also be made at the database-level. In the same manner, verification 
of the identifier 's three-dimensional image may be performed either by 
the scanner or the database or... 

...0022] FIG. 3 represents a unique a non reproducible identifier in 
which bubbles having shapes and holding random positions are 
self-generated. This bubble identifier is especially well suited to 
make applications secure in accordance with this invention. FIG. 3a 
depicts a view of the identifier in which the bubbles are perceived in 
their three-dimensional volume arrangement. FIG. 3b depicts a top-view of 
the identifier subjected to diffuse lighting and displaying the only 
two-dimensional image. FIG. 3c depicts a top view of the identifier 
subjected to point lighting and displaying generated reflections thereby 
proving its three-dimensionality. Depending on 

Exemplary or Independent Claim(s): 

...5) connected to a telecommunications network (9), characterized in 
that 

a unique and non-reproducible identifier (3) is physically 
integrated in the medium (2) comprising the number (4), 
this identifier (3) constitutes an unforgeable link between the 
number (4) located on the medium and information... 

...4) in the database (5), 

said stored information comprises at least one representation of the 

identifier comprising an image (6) and/or a digital signature (7) of 

the unique and non-reproducible identifier (3), 

the link authentication is performed by means of a comparison between 

a representation of the identifier (6 or 7) stored in said database 

(5) and the identifier (3) located on the medium (2), and 

if there is agreement, the transaction is authorized. 

Non-exemplary or Dependent Claim(s): 

...telecommunications network (9) according to claim 1, characterized in 
that the unique and non-reproducible identifier (3) constituting 
the unforgeable link between the number (4) recorded on the medium 
(2) and the same number (4) recorded in the database (5) is a 
volume-based identifier (3) in which are contained bubbles of 
random size, shape, and arrangement... 

...printed on the receipt of the printer (10), with the real, unique, and 
non-reproducible identifier (3) integrated in the medium (2) 
comprising the number... 

...5) to the number (4) recorded on the medium (2), the unit (12) captures 
the identifier and then the image of this identifier is 

transmitted to the remote database (5), a computation of the 
signature corresponding to the... 
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53 0 S1(5N)(BUBBLE()BASED) 

54 0 S 1 (5N)BUBBLE()(CODE OR CODES OR CODED OR CODING??) 

55 61 Sl(5N)(ELECTRONIC()LABEL???) 

56 21 Sl(5N)(NON()REPRODUCIBLE) 

57 3781 Sl(5N)BARCOD??? 

58 165039 S1(5N)(UNIQUE OR SPECIAL OR SECURE??? OR SOLE OR DIFFERENT 

OR UNGUESSABLE) 

59 12719 Sl(5N)(ENCOD? OR ENCIPHER? OR ENCYPHER?) 

510 5230781 CREDIT()CARD? OR REVOLV?()CREDIT? OR CREDITCARD? OR VISA - 

OR MASTER()CARD? OR MASTERCARD? OR AMEX OR AMERIC AN()EXPRES S - 
OR (CHARGE OR CREDIT OR BANK OR DEBIT OR STORED() VALUE? OR FI- 
NANCIAL)(3N)(CARD? ? OR TOKEN? OR INSTRUMENT?) 

511 44021 S10(5N)(AUTHENTICAT?ORVERIF?) 

512 46648 S10(5N)(AUTHORIZ?ORAUTHORIS?) 

513 31782 S10(5N)(DETERMIN? OR CONFIRM?) 

514 12489 S10(5N)(AFFIXED OR ATTACH??? OR .ON. OR EMBED????) 

5 1 5 4445 AU=(BOURRIERES, F? OR BOURRIERES? OR KAISER, C? OR KAISER - 
C? OR FRANCIS(2N)BOURRIERES OR FRANK(2N)BOURRIERES OR CLEMENT- 
(2N)KAISER) 
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516 90641 S2(S)(S2 OR S6 OR S7 OR S8 OR S9) 

517 301 S16(S)(S11:S14) 

518 178 S17NOTPY>2003 

519 176 RD (unique items) 

520 86 S19 NOT VOICE 

521 77 S20 NOT GUEST?? 

522 63 S21 NOT BRAND? 

523 76 BUBBLE()(CODE OR CODES OR CODED OR CODING??) 

524 835 (BUBBLE()BASED) 

525 910 S23 0RS24 

526 87 S25 AND (AUTHENTICAT? OR VERIF?) 

527 20 S25 AND (AUTHORIZ? OR AUTHORIS?) 

528 341 S25 AND (DETERMIN? OR CONFIRM?) 

529 198 S25 AND (AFFIXED OR ATTACH??? OR .ON. OR EMBED????) 

530 389 S26:S29 

531 22 S30 AND (CREDIT()CARD??) 

532 18 RD (unique items) 

533 74 S30 AND UNIQUE 

534 33 S33 AND CARD?? 

535 20 S34NOTS32 

536 20 RD (unique items) 

537 354 RDS30 (unique items) 

538 125 S37 NOT (GAS OR THERMAL OR ACOUSTIC?) 

539 34 S3 8(S)(CODE OR CODES OR CODED OR CODING??) 

540 24 S39 AND (AUTHENTICAT? OR VERIF?) 

541 3 S40 NOT (S32 OR S36) 

542 37 S 1 5 AND S 1 

543 34 RD (unique items) 

544 10 S43 AND BUBBLE 

545 4213 AU=(BOURRIERES, F? OR BOURRIERES F? OR KAISER, C? OR KAISER 

C? OR FRANCIS(2N)BOURRIERES OR FRANK(2N)BOURRIERES OR CLEMEN- 
T(2N)KAISER) 


36/3,K/l (Item 1 from file: 88) 

DIALOG(R)File 88:Gale Group Business A.R.T.S. 
(c) 2009 Gale/Cengage. All rts. reserv. 

03934743 SUPPLIER NUMBER: 18338847 
What became of the Japanese "miracle." (economic development in 
Japan)(Economic Myths Explained) 

Asher, David L. 

ORBIS, v40,n2, p2 15(20) 

Spring, 1996 

ISSN: 0030-4387 LANGUAGE: English RECORD TYPE: Fulltext; Abstract 
WORD COUNT: 10529 LINE COUNT: 00829 

... bubble. A veritable industry of social scientists and business 
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writers sprang up to explain the " unique Japanese" and the implications 
of their success. The writings of the revisionists (so-named by...l991, the 
business expansion will continue. Thus, steady growth would seem to be in 
the cards over the next 10 years."(7) Indeed, supported by steady capital 
expenditure increases, as companies. ..soon made similar pledges. The loan 
data that became public in the weeks that followed confirmed what many 
had long suspected: a massive gap existed between the percentage of problem 
loans... 

...the auto and electronics industries leading the shift. 

The extent of the hollo wing-out is verified by the Economic Planning 
Agency's quarterly Tankan survey of business activity. The Tankan questions 
...New York and London exchanges. Thus, the market is in the midst of 
another valuation bubble , based this time on the faith fickle 
foreigners place in the Japanese government. If foreign investors. ..Myths, 
Illusions, and New Realities 

Over the last decade, the effectiveness of many of the unique 
Japanese institutions that captivated social scientists and struck a 
mixture of fear and awe into... 

...to purchase imported products, and merit is starting to matter more than 
maturity as a determinant of employee compensation. Moreover, on the 
macro-level, Japan's economic problems are beginning to...undoubtedly will 
have a hard time dealing with Japan's new economic reality. Japan's unique 
economic system may be changing, but there is relatively little evidence, 
outside of the rise... 
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10837269 2005-0075984 

E/METHOD TO MAKE TRANSACTIONS SECURE BY MEANS OF CARDS HAVING UNIQE AND 
NON-REPRODUCIBLE IDENTIFIERS 

Inventors: Bourrieres Francis (FR); Bourrieres Frank (FR); Kaiser Clement 
(FR) 

Assignee: Novatec S A FR 
Assignee Code: 55742 

Attorney, Agent or Firm: VIDAS, ARRETT & STEINKRAUS, P.A., 6109 BLUE CIRCLE 
DRIVE, SUITE 2000, MINNETONKA, MN, 55343-9185, US 

Publication Application 
Number Kind Date Number Date 


US 20050075984 Al 20050407 US 2003712659 20031113 
Priority Applic: FR 20031 1527 20031002 

METHOD TO MAKE TRANSACTIONS SECURE BY MEANS OF CARDS HAVING UNIQE AND 
NON-REPRODUCIBLE IDENTIFIERS 

Abstract: A method for making transactions secure based upon a card -type 
medium (2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network. A unique and nonreproducible identifier (3) 
in the form of a bubble code is physically affixed to the card (2) 
comprising a number (4) contained either on a magnetic strip, of a bar 
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code... 


...call is made to the remote database by means of the number recorded on 
the card , a link authentication is performed by comparing the 
representation of the identifier stored in said database and the... 

Exemplary Claim: 

1 . Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9), characterized in that a unique and 
non-reproducible identifier (3) is physically integrated in the medium 
(2) comprising the number... 

...of the identifier comprising an image (6) and or a digital signature (7) 
of the unique and non-reproducible identifier (3), the link 
authentication is performed by means of a comparison between a 
representation of the identifier (6 or... 

...identifier (3) located on the medium (2), and if there is agreement, the 
transaction is authorized . 

Non-exemplary Claims: 

2. Method for making transactions secure based on a card -type medium (2) 
comprising a number (4) and a remote database (5) connected to a... 

...3. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a... 

...4. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a... 

...5. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9) according to claim 1, characterized in 
that the unique and non-reproducible identifier (3) constituting the 
unforgeable link between the number (4) recorded on... 

...6. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9) according to claim 1, characterized in 
that the authentication of the unforgeable link authorizing the 
transaction is performed in a visual manner by an operator (13... 

...terminal monitor (1 1) or printed on the receipt of the printer (10), 
with the real, unique , and non-reproducible identifier (3) integrated 
in the medium (2) comprising the number... 

...8. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9) according to claim 1, characterized in 
that the authentication of the unforgeable link authorizing the 
transaction is performed automatically. When the operators (13) place a 
call (9) to the... 

...is performed and compared to that (7) stored in said database. If there 
is agreement, authentication of the link exists and the transaction is 
authorized . 
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DIALOG(R)File 345:Inpadoc/Fam.& Legal Stat 
(c) 2009 EPO. All rts.rescrv. 

40939608 Family ID: 10939609 

<No. of Patents: 3> <No. of Countries: 2> 

<No. of Legal Status: 1> 
Patent Basic (No,Kind,Dale): US 20050075984 A 1 20050407 

Method to make transactions secure by means of cards having uniqe and 
non-reproducible identifiers (Knglish) 

Patent Assignee: NOVATEC SA (FR) 

Author (Inventor): BOURRIERES FRANCIS (FR); KAISER CLEMENT (FR); 
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Patent Family: 

Patent No KdDate ApplicNo KdDate Wk Added 
FR2860670 Al 20050408 FR 20031 1527 A 20031002 200514 
FR2860670 Bl 20060106 FR 2003 1 1527 A 20031002 200602 
US 20050075984 Al 20050407 US 2003712659 A 20031113 200516 (B) 
Priority Data (No,Kind,Date): 
FR 20031 1527 A 20031002 

All Titles: 

Method to make transactions secure by means of cards having uniqe and 

non-reproducible identifiers 
PROCEDE DE SECURISATION DE TRANSACTION A PART1R DE CARTES... 


ABSTRACT: 

...A method for making transactions secure based upon a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network. A unique and non-reproducible 
identifier (3) in the form of a bubble code is physically 
affixed to the card (2) comprising a number (4) contained either 
on a magnetic strip, of a bar code... 

...call is made to the remote database by means of the number recorded on 
the card , a link authentication is performed by comparing the 
representation of the identifier stored in said database and the... 

Abstracts: 

...identificatcur (3) sous forme de code a bulles dont la earaeteristique 
est d'etre toujours unique et inreproductible est physiquement 
attache a la carte (2) comportanl un numero (4) contenu soit sur unc 
piste magnetique, soit... 

...identificatcur. 

US 20050075984 Al 20050407 (English) A method for making transactions 
secure based upon a card -type medium (2) comprising a number (4) 
and a remote database (5) connected to a telecommunications network. 
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A unique and non-reproducible identifier (3) in the form of a 
bubble code is physically affixed to the card (2) comprising a 
number (4) contained either on a magnetic strip, of abar code... 

...call is made to the remote database by means of the number recorded on 
the card , a link authentication is performed by comparing the 
representation of the identifier stored in said database and the... 

Cited Patents: 


36/3,K/4 (Item 1 from file: 348) 

DfALOG(R)File 348:EUROPEAN PATENTS 
(c) 2009 European Patent Office. All rts. reserv. 

01095278 

SYSTEM FOR INTERCEPTING FILE ACCESSES AND FOR AUTOMATIC DECRYPTION AND 

RE-ENCRYPTION OF FILE DATA ON A PER USE BASIS 
SYSTEM ZUM AUFFANGEN VON DATEIZUGRIFFEN UND ZUM AUTOMATISCHEN ENTSCHLUSSELN 

UND WIEDER-VERSCHLUSSELN VON DATEIDATEN AUF BENUTZUNGSBASIS 
SYSTEME PERMETTANT DTNTERCEPTER DES ACCES DE FICHIER, DECRYPTAGE 

AUTOMATIQUE ET RE-CRYPTAGE DES DONNEES D UN FICHIER AU MOMENT DE SON 

UTILISATION 
PATENT ASSIGNEE: 
SYMANTEC CORPORATION, (1606222), 20330 Stevens Creek Boulevard, 

Cupertino, CA 95014, (US), (Proprietor designated states: all) 
INVENTOR: 

GRAWROCK, David, 8285 S.W. 184th, Aloha, OR 97007, (US) 
LEGAL REPRESENTATIVE: 
Barnard, Eric Edward (28021), Brookes Batchellor 102-108 Clerkenwell Road 
, London EC1M 5SA, (GB) 
PATENT (CC, No, Kind, Date): EP 1066554 Al 0101 10 (Basic) 
EP 1066554 Bl 031015 
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APPLICATION (CC, No, Date): EP 99914891 990308; WO 99US5070 990308 
PRIORITY (CC, No, Date): US 47316 980324 

DESIGNATED STATES: AT; BE; CH; CY; DE; DK; ES; FI; FR; GB; GR; IE; IT; LI; 
LU; MC; NL; PT; SE 
INTERNATIONAL PATENT CLASS (V7): G06F-001/00 
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LANGUAGE (Publication,Procedural, Application): English; English; English 
FULLTEXT AVAILABILITY: 
Available Text Language Update Word Count 

CLAIMS B (English) 200342 2266 

CLAIMS B (German) 200342 2089 

CLAIMS B (French) 200342 2789 

SPEC B (English) 200342 16960 
Total word count - document A 0 
Total word count - document B 24 1 04 
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...SPECIFICATION remotely via a communications network (e.g., LAN or WAN) 
so that a remotely located, authorized persons can quickly access the 
data when needed. 
U.S. A 5,699,428 provides... 
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...OTF) decryption and re-encryption system which conveniently decrypts and 
re-encrypts file data for authorized users on an as needed basis. 

It is possible, however, that security may be inadvertently breached by 
the unwitting actions of an authorized user. The authorized user may 
have properly logged into the system and provided all the appropriate 
passwords which... 

...example, suppose that after properly logging into the system and 
providing all appropriate passwords, the authorized user decides to 
connect via the Internet with a Web site or a like source... 

...other basic re-bootings of the system. The ROM data may specify an 
OS-readable, unique serial number for the computer. The computer system 
100 may also include a real-time. ..various kinds of encrypted and 
plaintext data. Part of that data represents a list of authorized users 
(INCLUDED USER'S LIST) as will be detailed below. Another part of that 
data... 

...161 and 162. 

As further seen in Fig. 1, disk subsystem 150 stores: (a) a bubble - 
based algorithm 154 for providing access approval or denial to access 
requests presented via various kinds... 

...yet further stores: (j) one or more bubble-lists 168 that are used by 
the bubble - based algorithm 154 for providing access approval or 
denial to access requests presented via various kinds... 

...an encrypted form (ciphertext form) except for times when it is being 
legitimately used by authorized users. At such times, the decrypted 
data 175 should be kept only in volatile memory... 

...is employed, the executing program or OS component of intercept step 201 
is tested for bubble - based approval or denial by the program 
approving/denying algorithm 154. One such algorithm is shown... 

...is made of the Excluded Directories List(s) of memory region 155 (Fig. 
1 ) to determine whether the requested file is 'contained' in a 
directory that is identified as an excluded... 

...passes to step 220 by way of connection Bl. 

At test step 220, it is determined if a decrypted version (real or 
phantom) 161d of the file data has already been.. .apparently-available? 
test 220 is Yes, control passes to test step 222 where it is determined 
if the current file-OPEN request issued at the behest of an OTF 
recryption module... 

...security label further includes a list that defines a valid user 
identification number for each authorized user. The OS or another 
interacting software module is expected to furnish a matching user... 

...security label is formed by encrypting the plaintext of the needed 
decryption key using the authorized user's public key pursuant to a 
so-called public-key/private-key encryption system... 

...such a public-key/private -key encryption system.) Accordingly, the 
private key of the same authorized user must be obtained in order to 
decrypt the encrypted key string corresponding to that... 
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...the current file requester (obtained from the OS) can be compared 
against the list of authorized users within the file's security label 
to see if there is a match. Also... 

...or additionally, other security tests can be performed in step 226 as 
deemed appropriate to determine whether the requesting user and/or the 
requesting application program have valid access rights. 

If the result at the access-rights verification step 226 is negative 
(No), then control is passed to point B3 where the intercept routine 
forces a 'failed file -open' to occur. 

If the result at the access-rights verification step 226 is instead 
positive (Yes), then control passes to a decrypting process such as... 

...and a decrypted version 161d of the requested file data is made 
available to the authorized requestor. If volume-encryption is being 
used as an additional protection, the OTF software is... 

...subsystem directoiy 151 and overwriting the original file name (e.g., 
'AA.XLS') with a unique new file name (e.g., 
'JAN(underscore) 1 (underscore)98.00 1 '). 
In one embodiment, the unique new file name is selected as follows. 
The current time and/or current date is used to generate a unique 
alpha-numeric string (e.g., 'JAN(underscore)l(undcrscore)98.0()r) 
conforming to the file... 

...test and revise procedure is repeated until there is no collision. Then 
the non-colliding unique alpha-numeric string (e.g., 
'JAN(underscore) 1 (underscore )98. 002') is used as the... 

...of security methods including the above-mentioned method of encrypting 
the decryption key with the authorized user's public encryption key. 
Step 245 is optional as indicated by the dashed, alternate... 

...or to a hash of such data. A corresponding public key is afterwards used 
to authenticate the signature by comparing the decrypted signature (the 
version decrypted with the public key) against the stored data or a hash 
thereof. In one embodiment, the last authorized user to edit the file 
is defined as the master of the file 161 and his/her private/public key 
pair is used respectively to sign and authenticate the plaintext . In an 
alternate embodiment, the private/public key pair of the system 
administrator is used respectively to sign and authenticate the 
plaintext. The private/public key pah of another entity may yet 
alternatively be used to respectively to sign and authenticate the 
plaintext. 

If signature test 245 is passed, control is afterwards transferred to 
step 250... 

...causing programs. The MS- Windows95(TM) protocol wherein asterisks (*) 
are used for multi-character wild cards (including no characters) and 
question marks (?) are used as single-character wild cards may be used. 
The example at 320b ('*GEN*.XLS') accordingly identifies the class of 
file... 

...and the master program under whose supervision the slave was loaded. 
Section 3 11c (MASTER/SLAVE) determines which of these 
proximity-of-causation designations is to be queried for from the OS... 
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...matches per the MASTER/SLAVE qualification of section 3 11c, then section 
3 lid is consulted to determine if the response to the name and 
type-of-causation matches should be an approval... 

...a file-copying primitive-function such as 'COPY.DLL'. In other words, it 
has been determined that 'C:(back slash)*COPY*.DLL' has no business 
trying to access a file whose.. .DENY and the alert level is that of the 
current default. This means that no authorizing match has been found in 
the causation-query branch of target-query record 320 and... 

...step 450 continues along path 451 to test step 455. In step 455 it is 
determined whether the file -name extension (e.g., the last character 
string following the last period... 

...in step 421, the process continues on to step 422. In step 422, it is 
determined by reading the APPROVE/DENY section (e.g., 3 1 Id) of the 
matched box, what the... 

...Temporal and/or geographic approval/denial follows a similar scheme. OTF 
recryption with plaintext signature authentication is an optional 
additional level of protection. 
Volume-encryption is a yet further, optional additional... 

...If slow path 5 1 1 is followed, a test is carried out in step 502 to 
determine if the read primitive is directed to an area of the volume 
(e.g., of... 

...If slow path 561 is followed, a test is carried out in step 552 to 
determine if the write primitive is directed to an area of the volume 
that is excluded... 

...intercept of such an lile-OPEN request, THREAD-1 proceeds to step 712 
where it determines whether decryption is necessary for the 
to-be-opened file. If decryption is deemed necessary... 


...CLAIMS the bubble-control means effects the denial or approval of data 
access based on a unique identity, such as a serial number, of a 
machine initiating the request. 
7. A machine... 

...bubble -control means to effect the denial or approval of data access 
based on a unique identity, such as a serial number, of a machine 
initiating the request. 
27. A method... 

...CLAIMS refus ou l'acceptation d'un acces aux donnees sur la base d'une 
identite unique , telle qu'un numero de serie, d'une machine 
initiant la demande. 
7. Systeme de... 

...refus ou l'acceptation d'un acces aux donnees sur la base d'une identite 
unique , telle qu'un numero de serie, d'une machine initiant la 
demande. 
27. Precede selon... 
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...SPECIFICATION file server be capable of executing the same or a similar 

operating system as the attached client workstations. The reasons 

include the need to execute maintenance and monitoring programs on the... 
...consideration is the need to avoid the cost of supporting an operating 

system that is unique to the file server. 
Given these considerations, the file server is typically only a 

conventional... controllers 141-2)), two mass storage processors 161-2)), 

a bank of four system memory cards 181 -4)), and a host processor 20 

coupled to the backplane bus 22. The invention... 

...processor 20, in the preferred embodiments of the present invention, is 
a Sun central processor card , model Sun 3E120, manufactured and 
distributed by Sun Microsystems, Inc. 
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Finally, the system memory cards 1 8 each provide 48 megabytes of 
32-bit memory for shared use within the computer... 

...UFS interacts with a low level software device driver that is directly 
responsible for an attached physical mass storage device. The UFS 
handles all operations necessary to resolve logical file oriented... Array 

Fig. 5 provides a simplified block diagram of the preferred 
architecture of a memory card 18. Each memory card 18 operates as a 
slave on the enhanced VME bus and therefore requires no on... 

...ECC) generation and testing unit 158 is coupled to the multiplexer 154 
to generate or verify , again depending on transfer direction, eight 
bits of ECC data per memory array word. The status of each ECC 
verification operation is provided back to the timing control block 1 50. 


E. Host Processor 
The host... 

...PID). Context execution switches by the peer-level processor are 
controlled by a process scheduler embedded in the facility's 
multi-tasking kernel. A process may be "active" - at a minimum... direct 
the response back to the specific requesting client. 

The NC facility similarly provides a unique facility ID and the PID 
of its relevant process to another peer- level facility as...system 
facility 164 except during the initial phase of bootup. Rather, both 
generally appear as unique but otherwise undifferentiated logical 
clients of the storage facility 166. 

Also interfaced to the VFS... message identified by a message descriptor 
is evaluated by the receiving messaging kernel layer to determine what 
is to be done with the message. A message descriptor ...bytes. The 
initial 32-bit word of the message encodes the message type and a unique 

peer-level facility identifier. The text of the message then follows 
with any necessary fill... 

...the K(underscore)MSG message and block format described above. 

2. IFC Message Generation 

The determination to send a message, and the nature of the message, 
is determined by the peer-level facilities. In particular, when a 
process executing on a peer-level... 

...of a desired function may be achieved by calling an appropriate routine, 
that, in turn, determines and calls its own service routines. This is 
illustrated in Fig. 9. A function call.. .network communications facility, 
a process is allocated to allow the call to operate in a unique 
context. Thus, the call to or by a stub routine is identifiable by the 
process... 

...handled by the logical call format bubbles Al-X. A message buffer is 
allocated and attached to a message queue. Depending on the particular 
stub routine called, the contents of the... 

...B multi-tasking kernel's free message buffer pool. 
Received messages are initially examined to determine their message 
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type. This step is illustrated by the B message parser bubble . Based 

on message type, a corresponding data structure is selected by which the 
message can be. ..The communication transaction: 

fc(underscore)access( 

FC(underscore)STD(underscore)T(cred,file,mode),*(errno) ); 

determines whether a given type of file access is legal for specified 
credentials ("cred") on the... 

...facility for configuring the NFS server stack and to respond in support 
of a secure authentication service request. The network communications 
facility will exchange messages with the file system facility for.. .will 
in turn issue the necessary FS communication transactions to obtain file 
service. If secure authentication option is used, the NFS server will 
issue requests to the Authentication server daemon running on the host 
processor. The conventional authentication services include: mapping 
(ks(underscore)getcred()) a given <network name> to Unix style... 

...underscore)route" and "nc(underscore)del(underscore)route" IOCTL 
commands. Once a route has been determined for a particular packet, the 
packet is dispatched to the appropriate network interface. If a... 

...ip(underscore)pkt()" communication transaction. If a packet is destined 
to a conventional network interface attached to the host facility, it 
is forwarded to the host facility using the "nc(underscore...as opposed 
to the name of a service, of the facility that is registering, its 
unique facility ID (VME slot ID) and the shared memory address of its 
message descriptor FIFO... 

...underscore)TIME(underscore)REGISTER T,*** ); 

is issued by a facility to the timed daemon to determine the system 
time and to request periodic time synchronization messages. The reply 
message returns the... 

...of VME memory where data transfer takes place. The S facility uses this 
byte to determine the VMEbus protocols to be used for data transfer. 
Memory(underscore)type is defined as. ..message. Therefore, when a reply 
is received, a message sender checks the status word to determine how a 
message is completed. When k(underscore)null(underscore)reply is used, 
the original... 

...grouped into a single logical disk. 

Total(underscore)sector is the disk capacity of the attached SCSI 
disks. Total capacity of a disk bank is this number multiplying the 
number(underscore...IOCTL(underscore)MSG,*** ); 

This message is used to address directly any SCSI disk or peripheral 
attached to a SCSI port. Multiple messages can be sent at the same time. 
They are... 

...Scsi(underscore)id, scsi(underscore)port, and 
scsi(underscore)lun(underscore)address identify uniquely one attached 
SCSI peripheral device. Command(underscore)length and 
data(underscore)length specify the lengths of command...S facility 
buffers, is returned in the completion status word. 
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This message is used to verify if a previous message was received by 
the S facility. If not, the message is... 

...message is sent when there is no active messages. Otherwise, it is very 
difficult to determine how many used messages are in the S facility 
message buffer. For example if there... 

...S facility. The host boot program can then poll this 
sender(underscore)pid word to determine when the message is completed. 
Messages to the S facility are sent in this manner... 
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Detailed Description 
... Patent 5,xxx„xxx on 

Month Day, 1998 [future issuance number and date to-bo 

determined ]. 

3. Description of the Related Art 

As know ledge of computers grows; and as use of...remotely via a 
communications network (e.g., 
LAN or WAN) so that a remotely located, authorized 
persons can quickly access the data when needed. 

The above-identified U.S. patent 5... 

...OTF) decryption 

and re -encryption system which conveniently decrypts and 
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re-encrypts file data for authorized users on an asnceded basis. 
It is possible, however, that security may be 
inadvertently breached by the unwitting actions of" an 
authorized user. The authorized user may have properly 
logged into the system and provided all the appropriate 
passwords which... 

...example, suppose that 

after properly logging into the system and providing all 

appropriate passwords, the authorized user decides to 

connect via the Internet with a Web site or a like 

source...and other basic rebootings of the system. The ROM data may 

specify an OS 

readable, unique serial number for the computer. The 
computer system 1 00 may also include a real. ..various 
kinds of encrypted and plaintext data. Part of that data 
represents a list of authorized users (INCLUDED USER's 
LIST) as will be detailed below. Another part of that 
data... 161 and 162. 

As further seen in Fig. 1, disk subsystem 150 
stores: (a) a bubble - based algorithm 1 54 for providing 
access approval or denial to access requests presented 
via various kinds... 

...yet 

further stores: (j) one or more bubble-lists 162 that 
are used by the bubble - based algorithm 1 54 for providing 
access approval or denial to access requests presented 
via various kinds... form 

(ciphertext form) except for times when it is being 
- 15 

legitimately used by authorized users. At such times, 
the decrypted data 175 should be kept only in volatile 
memory.. .is employed, the 

executing program or OS component of intercept step 201 
is tested for bubble - based approval or denial by the 
program approving/denying algorithm 154. One such 
algorithm is shown.. .is made of the Excluded Directories List(s) of 
memory region 155 (Fig. 1) to determine whether the 
requested file is 'contained' in a directory that is 
identified as an excluded.. .passes to step 
220 by way of connection Bl. 

At test step 220, it is determined if a decrypted 
version (real or phantom) 16 Id of the file data has 
a 1 re ady been ... appa ren 1 1 y 

available? test 220 is Yes, control passes to test step 

222 where it is determined if the current lile-OPEN 

request issued at the behest of an OTF reeryption 

module. ..security label further includes a 

list that defines a valid user identification number for 

each authorized user. The OS or ...security label is formed by 

encrypting the plaintext of 

the needed decryption key using the authorized user's 
public key pursuant to a so-called public-key/private 
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key encryption system... 


...such a 

public-key/private-key encryption system.) Accordingly, 
the private key of the same authorized user must be 
obtained in order to decrypt the encrypted key string 
corresponding to that... 

...the current file requester 

(obtained from the OS) can be compared against the list 

of authorized users within the file's security label to 

see if there is a match. Also be performed in step 226 as deemed 

appropriate to 

determine whether the requesting user and/or the 
requesting application program have valid access rights. 

If the result at the access-rights verification 

step 226 is negative (No), then control is passed to 
point B3 where the intercept routine forces a 'failed 
file-open, to occur. 

If the result at the access-rights verification 

step 226 is instead positive (Yes), then control passes 
to a decrypting process such as... 

...and a decrypted version 161d of the requested file data 
is made available to the authorized requestor. If 
volume-encryption is being used as an additional 
protection, the OTF software is... 

...subsystem directory 151 and 

overwriting the original file name (e.g., 'AA JCLSI) with 
a unique new file name (e.g., 'JAN 98,001 1). 
In one embodiment, the unique new file name is 
selected as follows. The current time and/or current 
date is used to generate a unique alpha-numeric string 
(e.g.,, 'JAN 98.001 1) conforming to the file-naming 

protocol. ..test and revise 

procedure is repeated until there is no collision. Then 
the non-colliding unique alpha-numeric string (e.g., 
'JAN 98.0021) is used as the new name for... 

...of security methods including the above 
mentioned method of encrypting the decryption key with 
the authorized user's public encryption key. 

Step 245 is optional as indicated by the dashed, 

alternate. ..or to a hash of such data. A corresponding public key is 

afterwards used to authenticate the signature by 

comparing the decrypted signature (the version decrypted 

with the public key) against the stored data or a hash 

thereof. In one embodiment, the last authorized user to 

edit the file is defined as the master of the file 161 

and his/her private/public key pair is used respectively 

-35 
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to sign and authenticate the plaintext. In an alternate 
embodiment, the private/public key pair of the system 
administrator is used respectively to sign and 
authenticate the plaintext. The private/public key pair 
of another entity may yet alternatively be used to 
respectively to sign and authenticate the plaintext. 

If signature test 245 is passed, control is 

afterwards transferred to step 250. ..causing programs. The MS-Windows95 
TM 

protocol wherein asterisks (*) are used for multi 
character wild cards { including no characters] and 
question marks (?) are used as single-character wild 
cards may be used. The example at 320b ('*GEN*.XLSI) 
accordingly identifies the class of file. ..and the master program under 
whose 

supervision the slave was loaded. Section 311c 

(MASTER/SLAVE) determines which of these proximity-ofcausation 
designations is to be queried for from the OS. 

If... 

...matches per the 

MASTER/SLAVE qualification of section 31 lc„ then section 

31 Id is consulted to determine if the response to the 

name and type-of-causation matches should be an approvaL.a file-copying 

primitive-function 

such as 'COPY.DLL'. In other words, it has been 
determined thatIC: 
*COPY*.DLLI has no business trying 

to access a file whose name satisfies...step 450 continues along path 

45 1 to test step 455. In step 455 it is determined 

whether the file-name extension (e.g., the last 

character string following the last period...in step 421, the process 

continues on to 

step 422. In step 422, it is determined by reading the 
APPROVE/DENY section (e.g., 3 1 Id) of the matched box, 
what the.. .Temporal and/or 

geographic approval/denial follows a similar scheme. OTF 
recryption with plaintext signature authentication is an 
optional additional level of protection. 

Volume-encryption is a yet further, optional 
additional... 
...If slow path 511 is 
followed, a test is carried out in step 502 to determine 
if the read primitive is directed to an area of the 
volume (e.g., of. .intercept of such an file-OPEN request, 
THREAD-1 proceeds to step 712 where it determines 
whether decryption is necessary for the to-be-opened 
file. If decryption is deemed necessary... 

Claim 

... b) selective OPEN continuance means 
[202,2 10,.2 12,2 141, responsive to the intercept means, for 
determining whether an intercepted lile-OPEN request is 
requesting an open of a file for which... 
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...identity of a requesting program, 
(b.l ) said selective OPEN continuance means being 
further for determining , if the access request is not 
denied on the basis of said identity of the. ..the operating system; 
(c) plaintext tracking means [2201, responsive to 
the selective continuance means, for determining whether 
-69 

a plaintext version of the sometimes encrypted data of 
the requested file already... 

...d) a decrypting mechanism [2401, responsive to the 
plaintext tracking means such that on a determination 
that a plaintext version of the sometimes encrypted data 
of the requested file does not... 

...kept encrypted most of the 
time; said method comprising at least the step of: 

(a) determining [2021 whether an intercepted file 
OPEN request is requesting an open ol'a file for... 

...requesting program; 

said method further comprising one or more of the 
following steps if said determining step does not 
generate an access denial decision: 

(b) using file-exclusion lists to block...caused 

by one or more causation-events for access to targeted 
data [ 1 6 1 d] having a unique identity; 
(b) first testing [41 1 1 the identity of the targeted 
data for satisfaction of a... 

...1061 of 
Claim 33 wherein 

(b.l) said predefined target-query condition [320b] 
includes wild card designations for specifying the 
identity of a satisfying target. 

36 The instruction conveying apparatus [1061 of 
Claim 33 wherein 

(c.l) said predefined causation-query condition 

[321b] includes wild card designations for specifying the 

identity of a satisfying causation event. 

37 The instruction conveying... 
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Detailed Description 
... file 

server be capable of executing the same or a similar 
operating system as the attached client workstations. 

The reasons include the need to execute maintenance 
and monitoring programs on the... 

...consideration is the need to avoid the cost 
of supporting an operating system that is unique to the 
file server. 

Given these considerations., the file server is 

typically only a conventional... 1-2" two mass storage processors 16 1-2" 
a 

bank of four system memory cards 18 1-41 and a host 

processor 20 coupled to the backplane bus 22. The... processor 20, in the 

preferred 

embodiments of the present invention, is a Sun central 
processor card , model Sun 3E120, manufactured and 
distributed by Sun Microsystems, Inc. 

Finally, the system memory cards 1 8 each provide 

48 megabytes of 32-bit memory for shared use within the 

computer... UFS interacts with a low level 

software device driver that is directly responsible for 

an attached physical mass storage device. The UFS 

handles all operations necessary to resolve logical 

file oriented... Array 

Fig. 5 provides a simplified block diagram of the 
preferred architecture of a memory card 18. Each 
memory card 1 8 operates as a slave on the enhanced VME 
bus and therefore requires no on... 

...ECC) 

generation and testing unit 158 is coupled to the 
multiplexer 154 to generate or verify , again depending 
on transfer direction, eight bits of ECC data per 
memory array word. The status of each ECC verification 
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operation is provided back to the timing control block 
150. 

E. Host Procesaar 

The host...PID). Context execution switches by the 
peer-level processor are controlled by a process 
scheduler embedded in the facility's multi-tasking 
kernel. A process may be "active" — at a minimum... 

...direct the 

response back to the specific requesting client. 

The NC facility similarly provides a unique 

facility ID and the PID of its relevant process to 

another peer-level facility as. ..system facility 164 except during the 

initial 

phase of bootup. Rather., both generally appear as 
unique but otherwise undifferentiated logical clients 
of the storage facility 166. 

Also interfaced to the VFS... message identified by a message descriptor 
is 

evaluated by the receiving messaging kernel layer to 
determine what is to be done with the message. A 
message descriptor as used by a...bytes. The initial 
32-bit word of the message encodes-the message type and 
a unique peer-level facility identifier. The text of 
the message then follows with any necessary filL.of the K 
MSG message and block 
format described above. 

2. IFC Message Generation 
The determination to send a message, and the 
nature of the message, is determined by the peer-level 
facilities. In particular, when a process executing on 
a peer-level... 

...of a desired function may be achieved by 
calling an appropriate routine, that, in turn, 
determines and calls its own service routines. This is 
illustrated in Fig. 9. A function call. ..network 
communications facility, a process is allocated to 
allow the call to operate in a unique context. Thus, 
the call to or by a stub routine is identifiable by the 
process... 

...handled by the 
logical call format bubbles Al-X. A message buffer is 
allocated and attached to a message queue. Depending 
on the particular stub routine called, the contents of 
the...B multi-tasking kernel's free 
message buffer pool. 

Received messages are initially examined to 
determine their message type. This step is illustrated 
by the B message parser bubble . Based on message type, 
a corresponding data structure is selected by which the 
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message can be.. .system, respectively, are flushed. 

The communication transaction. 

fc-access( FC-STD-Ticred,file,model,*Ierrno) 
determines whether a given type of file access is legal 
for specified credentials ("cred") on the...I6T,* 
nc recvpromispkt (NC PKT'IOT',*) 
nefe forward ippkt (NC'PKT'16'T'* 
Secure Authentication Messaggs 

ks-decrypt ( KS.DECRYPT.T(netname,netnamelen,desblock), 
* * *Irpcstatus,ksstatus,desblockI 
ks.getcred ( KS... 

...facility for configuring the NFS server stack and to 
respond in support of a secure authentication service 
request. The network communications facility will 
exchange messages with the file system facility for... will in turn issue 
the 

necessary FS communication transactions to obtain file 
service. If secure authentication option is used, the 
NFS server will issue requests to the Authentication 
server daemon running on the host processor. The 
conventional authentication services include: mapping 
(ks 

getcredo) a given <network name> to Unix style 
credential, decrypting (ks... 

...the 'Inc.ada.routell and 'Inc-del.routell 
IOCTL commands. Once a route has been determined for a 

particular packet, the packet is dispatched to the 
appropriate network interface. If a... 

...forward 
ip 

pkto' communication 

transaction. If a packet is destined to a conventional 
network interface attached to the host facility, it is 
forwarded to the host facility using the 
Tnc-forward...typedef struct 
long val[2]; /* file system id type 
fsid-t; 

File identifier. Should be unique per filesystem 
on asingle machine. 

#defme MkXFIDSZ 16 
struct fid ( 

u short fid len; /* length... 

...exported 
long flags; /* flags 

u.short anon; /* uid for unauthenticated 
requests */ 

long auth; /* switch for authentication 

type 
union { 
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NC UNIXEXPORT exunix; /* case AUTH-UNIX 
NC DESEXPORT exdes; /* case AUTH DES 
un...pad2; 

PKT -DATA-BUFFER pkt.buffist[MA)@ 

DL.BUFFRAG+1 1 ; 

NC-PKT-IO-T; 

Secure Authentication Server Communication 
transactions 

Name under which the key server registers. 

#defme KEYSERV-NAME IIKEYSERVII 
/* Key... as opposed to the name of a 
service, of the facility that is registering, its 
unique facility ID (VME slot ID) and the shared memory 
address of its message descriptor FIFO. ..provides access to the 
conventional Unix daemon that, in turn, 
provides access to keys which authenticate 
users. 

FS Facility Resident 

FC-VICE-PRES - executes on the FC peer-level 
processor,, or...register ( SC-TIME-REGISTER T,*** 
is issued by a facility to the timed daemon to 
determine the system time and to request periodic time 
synchronization messages. The reply message returns 
the...ofVME 

memory where data transfer takes place. The S facility 
uses this byte to determine the VMEbus protocols to be 
used for data transfer. Memorytype is defined as. 

03 Primary.. .message. 

Therefore, when a reply is received, a message sender 
checks the status word to determine how a message is 
completed. When k-null 
reply is used, the original 
message is... 

...are 

grouped into a single logical disk. 

Total.sector is the disk capacity of the attached 
SCSI disks. Total capacity of a disk bank is this 
number multiplying the number-oL.SP 
IOCTL MSG,*** 

This message is used to address directly any SCSI disk 
or peripheral attached to a SCSI port. Multiple 
messages can be sent at the same time. They are... 

...by the S facility. 

Scsi-id, scsi. 

port, and scsi-lun-address identify 

uniquely one attached SCSI peripheral device. 

Command.length and data-length specify the lengths of 
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command and data...S facility buffers, is returned in the 
completion status word. 

This message is used to verify if a previous 
message was received by the S facility. If not,, the 
message is... 

...message is sent when there is no 
active messages. Otherwise,, it is very difficult to 
determine how many used messages are in the S facility 
message buffer. For example if there. ..to the S facility. The 
host boot program can then poll this sendeipid word to 
determine when the message is completed. Messages to 
the S facility are sent in this... 
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Original Titles: 

Method to make transactions secure by means of cards having uniqe and 
non-reproducible identifiers 

Alerting Abstract ...NOVELTY - The method involves integrating a real 
identifier (3) with a card (2) having a magnetic track ( 1 ) with a number 
(4). A representation of the identifier... 

...signature (7) is stored in a database (5) at same number. A connection 
between the card and database is authenticated by comparison between 
the representation of the identifier and the real identifier for 
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authorizing transaction by the card . USE - Used in a shop for 
securitization of transaction effectuated by a card e.g. bank card, 
loyalty card , subscription card and access control card . 


...ADVANTAGE - The method is simple and can securitize the transaction 
effectuated by the card at relatively low cost that is acceptable to all 
users. The method can automatically authenticate the connection between 
the card and database... 

...drawing shows a principle diagram of a method for securitization of 
transaction effectuated from a card . 


...2 Card 


Title Terms/Index Terms/Additional Words: CARD ; ... 
... AUTHORISE 

Original Publication Data by Authority 
Argentina 

Assignee name & address: 
Original Abstracts: 

A method for making transactions secure based upon a card -type medium 
(<b>2</b>) comprising a number (<b>4</b>) and a remote database (<b>5</b>) 
connected to a telecommunications network. A unique and non-reproducible 
identifier (<b>3</b>) in the form of a bubble code is physically 
affixed to the card (<b>2</b>) comprising a number (<b>4</b>) contained 
either on a magnetic strip, of a bar code... 

...call is made to the remote database by means of the number recorded on 
the card , a link authentication is performed by comparing the 
representation of the identifier stored in said database and the... 
Claims: 

<b>l</b>. Method for making transactions secure based on a card -type 
medium (<b>2</b>) comprising a number (<b>4</b>) and a remote database 
(<b>5</b>) connected to a telecommunications network (<b>9</b>), 
characterized in thata unique and non-reproducible identifier (<b>3</b>) 
is physically integrated in the medium (<b>2</b>) comprising the number... 

...of the identifier comprising an image (<b>6</b>) and/or a digital 
signature (<b>7</b>) of the unique and non-reproducible identifier 
(<b>3</b>),the link authentication is performed by means of a comparison 
between a representation of the identifier (<b>6</b> or... 

...identifier (<b>3</b>) located on the medium (<b>2</b>), andif there is 
agreement, the transaction is authorized.> 
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Method for Certifying and Subsequently Authenticating Original, Paper of 
Digital Documents for Evidences 

Abstract: 

[00000] The present invention relates to a method for certifying and 
subsequently authenticating original physical or digital documents. The 
concept of the evidence lies in the dual nature... 

Summary of the Invention: 

[0060] Top (1) of scanner is a transparent glass that receives the 
document to be authenticated . Mobile part (3) of the scanner includes 
as for all scanners a CCD type of... 

...bubble volumic aspect e.g., their tri-dimensionality. The scanner is 
equipped with a bubble authenticator (6) built-in the transparent 
glass. Said authenticator , always unique and non-reproducible, is 
read each time and simultaneously upon reading the original document to 
be authenticated . A lid (2) covers the assembly for realizing the 
acquisition, any opening while acquiring stops... 

...BD2 bases, possibly means for producing certified photocopies, an 
automatic means for feeding paper and authentication seals. This type 
of device is also usable in two ways: A first way during... 

...a second way as means to access BD2 recording system through the seal or 
its unique signature to be able to produce a ...acquisition and 
archiving in BD2, a simple office scanner is sufficient because the 
necessity to verify the tri-dimensionality of the bubble authenticator 
is not imperative and intervenes only when it is later necessary to 
prove the intergrity... 

...and possibly ownership. Upon certification, the reading scanner should 
therefore at the very least, only verify the identity of the bubble 
seal and its authorization of use provided by BD1, knowing that, if the 
issuer stuck for example on the... 
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...later use, this operation would go against his interests because, on the 
one hand, when authenticating , the evidence would be made that the 
document is not original and, on the other... 9) accessible through 
telecommunication network. In (7) are represented rolls of bubble seals 
adapted for authenticating originals (8) (15). A bubble seal (7) is 
glued on a document (8) to be.. .that a presented document passes from the 
status of presumed original to the status of authenticated or certified 
original, the steps are as follows: presumed original document (8) (20) 
is presented... 

...0063] In FIG. 3A, an example of document (8) authenticated by seal (7) 
is represented, and, in FIG. 3B, the same document is represented as it 
appears recorded in BD2 alter acquisition through reading device ( 1 ). 
Authenticator (6) of the acquisition device appears in the archived 
document... 

...0064] FIG. 4A represents a bubble code constituting a seal, wherein 
the bubble volumic aspect inside the material is well perceived, hence 
procuring an authenticating characteristic both very easy to interpret 
and still unique physically, while impossible to duplicate identically 


...0065] FIG. 4B represents a bubble seal in top view, as it may be 
affixed on an original document.. .to physical or digital documents to be 
certified, and a non-rewritable CD or DVD authenticated by a bubble 
seal... 

...0068] Anon-rewritable DVD (13) is made unique using a bubble seal 
(16) placed in the central ring. Originally, this DVD is assigned... 
identical to the ones of the seals used for the documents, said DVD is 
made unique and impossible to reproduce identically. It is listed in 
and assigned to database BD1. In... 

Description of the Invention: 

...identification record or a false birth certificate in order to 
receive a "real false" identification card . The civil servant who 
delivers the civil certificates, being another than the one delivering 
the identification cards , will consider the document provided as 
original because it presents all the characteristics to deem.. .0007] 
Patent FR2765014 concerns a paper document authentication method and 
its authenticity control device. Said document suggests to confer to the 
material constituting... 

...intrinsic characteristic during its manufacture and to associate it to 
the document for its later authentication . Such random intrinsic 
characteristic integrated to the material is indeed always unique , but 
it is not non-reproducible to an identical one, it concerns indeed 
marking the.. .the naked eye associated to an information, the assembly 
being recorded in a memory. To verify the authenticity, a comparison 
between what is read on the document and what is stored... 

...0009] Document EP0161 181 concerns a method and its remote document 
identification and authentication device. In such patent, an 
identification code (barcode type) as well as a random distribution... 

...with ink invisible to the naked eye on the document that one wishes to 
make authenticatable by such method. An optoelectronic reading means 
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records the identification code, the random distribution, as... 

...to the paper medium constituting the document, in a memory after coding 
the information. To verify the authenticity of a document one compares 
the printed elements and eventually the intrinsic characteristic... 

...0010] Patent US 2005/038756 describes an authentication method of 
original documents whose medium constitutes an identifiable medium as in 
the previous patents. ..a few hours on the same day. At this level of 
precision, the need of authentication and date/time stamping is of real 
importance... 

...0012] Parallel to physical paper documents, there are solutions for 
authenticating computer data in text or binary file format. Such 
computer data need to be authenticated as original essentially in two 
distinct applications: either while archiving on a computer system, where 
...itself exists whose handwritten signature attests of its content and 
of its author, subject to authentication of both. However, if a 
dematerialization is desired, the current solution is digital and, 
therefore.. .at bringing one or more sure evidences that will have legal 
and lawful values to authenticate documents as originals or true 
copies of originals, or information as being originals, as much... 

...or owner. The method according to the invention concerns both original 
certification procedure and future authentication procedure of elements 
qualified as originals. The first characteristic of this invention is 
that it is as well applicable, contrary to everything existing today, to 
the authentication of physical forms (paper) of documents, as to 
digital data. This invention relies on the... 

...of authenticity rests on the physical/logical and logical/physical 
duality. It is a mixed authentication method. The word information here 
is considered broadly speaking (text or binary file) as the.. .very high 
security method including the certification of original paper or digital 
documents, and the authentication of aforesaid originals at the time of 
their interpretation.. .used. The first one, BD1, is a trusted third party 
within which are prerecorded the authenticating parts of physical 
seals, which will be associated with the documents or with the 
information to be authenticated , with possible assignment to a person 
and/or an institution. The other database, BD2, is... 

...seals. As will be seen hereafter, the non-rewritable CD or DVD media are 
made unique through a very high security seal built in the medium in 
order to be able... 

...associated seals read and certified for recording and date/time stamping 
purposes. For reasons of unique assignment of a document to a seal, 
trusted third party BD1 can reject any seal... 

...the reading device connected to BD1 and BD2, then in a first step, the 
device authenticates the physical seal associated to the document by 
querying BD1, then it queries BD2 asking... 

...0023] According to another characteristic, the authentication method 
of original documents operates by comparing the presumed original 
physical document or a computer... the original information, which content 
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integrity is certified by the originator, is associated to a unique and 
non-reproducible mark constituting a certification and authentication 
seal previously integrated or reported under the form of a seal: recorded 
in a database and delivered by an authorized authority or trusted third 
parly indicating the affiliation to the originator or to the beneficiary 
of the document original or of the original information to be certified, 
said mark being affixed directly on the document by the originator of 
said original document when it is a... 
...or on a sheet of blank medium when certifying computer data. This mark 
constituting an authenticator may possibly be a intrinsic chaotic 
characteristic of the medium itself (i.e. paper fibers... 

...0026] b) said original physical document, or similarly the blank medium 
sheet associated to the unique and non-reproducible mark, is 
digitali/.ed opto-electronically by a device permitting, in a single... 

...link the content of the original physical document or the original 
computer data with said unique and non-reproducible mark. The ...0027] 
c) The original document or the original information, and the associated 
unique and non-reproducible mark is sent, archived, and date/time 
stamped into the BD2 recording information by drawing a link to the 
unique and non-reproducible seal at the time of sending to the BD2 
archiving and recording system. Then it publishes a paper document by 
gluing the authentication seal or mark used for sending. Therefore, 
even if he wants to modify the document... 

...out, and it cannot use another seal that would be identical because each 
seal is unique and impossible to reproduce with regard to its 
characteristic authenticating parts... 

...0030] European patent No EP1252616 by the same applicant and same 
inventors, described a bubble authentication , constituting a means of 
marking documents, very well adapted to the purposes sought-after by this 
invention. Such type of authentificator containing auto-generated bubbles 
is not only always unique but still impossible to reproduce by natural 
or artificial means. Man, as a potential forger... 

...of direct and indirect action on the object of evidence and on its 
measure. This authenticating with voluminal bubbles, therefore with 
three dimensions, indeed has remarkable optical properties, which make 
the. ..sup] 160 upon creation, with a number of bubbles varying from 20 to 
40 per authenticator . From another point of view, this type of 
authenticator is very well adapted to this type of document 
authentication application because if it is practically always unique 
at the time of creation, it is actually also non-duplicable artificially, 
because the chaotically... 

...level. It is subsequently an optical interpretation that can certify 
whether it is a natural bubble code or a cloning attempt that would 
be inevitably detected. Such properties are extremely important from... 

...003 1] first it is realistic to affirm that such type of bubble 
authenticator would never be counterfeited because even if new 
technological means come up notably in nanotechnologies...to biometric 
interpretations today, the reading technology development is what is 
going to make the bubble code optical interpretation even safer... 
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...0032] second, the safety solution that permits to certify and 
subsequently authenticate by bringing unquestionable evidences, is no 
longer built on exclusively digital foundations which, as everyone... 

...a conservation time of secrets, which brings a real problem when 
pretending to certify and authenticate documents or information for 
which there is no time limit. In this case using an bubble authenticator 
, the safety solution no longer rests on a man-made virtual digital 
reality but on a physical reality not controlled by man, which is 
measurable, always unique and impossible to falsify even over time, 
accessible in read-only, and not write, which by the same inventors 
mentions the use of a bubble authenticator to form a seal. In that 
invention, such type of seal is perfectly appropriate in... 

...is not separable from them without losing their integrity. According to 
one characteristic, the bubble authenticator is chemically glued to a 
medium itself adhering but partially destructible upon pull-out. Such... 

...an identity with an alphanumeric code, barcode, or 2D or RFID label, or 
even a unique signature extracted from the authenticator 
characterizing part. Such signature or identity constitutes the address 
in the BD2 archiving system0034] The authenticating part and the seal 
identity are pre-recorded in a centralized BD 1 database constituting a... 

...listed in said BD1 database and indicates its affiliation of the 
original document to be authenticated to its owner or its beneficiary. 
As an example, a laboratory, an institution, an administration... 

...hereafter, the security level lays in the performance of inability to be 
copied of the authenticator used... 

...characteristic and in order to have evidence of document traceability, 
in addition to aforesaid document authentication , the reading device is 
identifiable and authenticatable as a unit in order to prove its 
affiliation and its issuing origin when comparing... 

...seal system of the same nature as the one posted on the document to be 
authenticated but ...and recording procedure of the original document 
for certification, and the second step is an authentication procedure 
of aforesaid document when it is brought as evidence of the original 
quality... 

...tenant assignment and pre-recording of bubble seal linked to the reading 
device and its authenticating characteristics in the BD1 database 
constituting a trusted third party... 

...0040] Pre-recording and user or owner institution assignment of adhesive 
bubble seals enabling to authenticate each original document or 
original information in the BD1 database constituting ...0041] 
Apposition by collage of a bubble seal on the original document to be 
authenticated , or on a annexed medium in case digital information... 

...seal on the scanner, and launching global reading of the document and of 
the associated authenticating part contained in the seal, and, 
simultaneously within the same reading, of the bubble seal... 

...0043] Querying trusted BD1 database in order to verify whether the 
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bubble seal affixed on the paper medium is pre-recorded, not used, and 
possibly not yet consulted, then... original presumed document and the 
content transferred. If they match, the document or information is 
authenticated . 
[... 

...0049] According to another characteristic, it becomes possible to track 
the authenticated original document from knowing the device that did 
the reading or acquisition during its recording... 

...In order to achieve that, the bubble seal 2D image retrieved by BD2 
during the verification step is simply read using the reader, and the 
trusted third party BD1 database is... 

...this invention requires a device to capture or read the original 
document, and the associated unique and irreproducible seal such as a 
bubble ...a characteristic of this device, it enables to associate in a 
single capture phase the authenticating seal, which characterizing 
parts are unique and irreproducible, with the document content 
constituting the original information. As the case may be, in this 
acquisition phase the device permits to prove that the authenticator is 
valid, for a bubble seal it enables to prove that the bubble 
authenticating part is tri-dimensional and thai this seal is indeed 
recorded in BD1. This capture... 

...0053] In order to not only authenticate but also to track the reading 
device, the latter is has a built-in unique and irreproducible 
authenticator which characterizing parts appear at each document capture 
by association with the authenticator linked to the original document 
to be captured. This unique and irreproducible characterizing part is 
preferably built-in the device by its manufacturer, and recorded... 

...general implementation process, the preferred solution with regard to 
the choice of the acquisition device authenticating element tends to be 
a bubble authenticator itself implemented as a seal that makes it 
inseparable from the device without risking to. ..leaving the context of 
this invention, all other means of scanning can be used for 
authenticating the veracity of the seal's authentic part, and, in this 
particular case, the volumic... content of the document or information 
archived in the BD2 system is associated to the unique logical 
signature extracted from the physical authenticator , in order to 
generate a one way hash code notably of all this information, notably... 

...both on the original and on the telltale at the time of certification. 
When an authentication is requested, said summaries are compared for 
assigning or not, according to their similarity, the...computer 
associated or completely built-in aforesaid acquisition device. In order 
for the issuer to authenticate this information as being original, it 
is then proceeded as previously by associating the unique and 
irreproducible seal (bubble seal type) prerecorded in BD1, although only 
capturing the seal, knowing... 

...possible to produce a paper version of the document, and to glue on it 
the authentication seal that was used for its transfer and its 
archiving into BD2. Another preferred way... 
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...in relation to BD2, namely that associated to DVD (13), in order to 
generate a unique condensed summary to be printed on an annexed sheet 
of paper, acting also simultaneously as physical medium for the 
authentication bubble seal. So some extremely voluminous computer data 
can be materialized for strong authentication purposes on a simple 
sheet of paper. This method presents not only a very high.. .0058] 
Authenticating the integrity of a document or information with date/time 
slumping oi'ils constitution is. ..on the CD or DVD on another medium 
whatever its nature, the original DVD remains unique from the only 
presence of the bubble seal, and therefore constitutes the only valid 
telltale. ..scanner especially adapted for acquiring original documents 
prior to their recording and to their later authentication for evidence 

...certify original logical information and to certify original physical 
documents, the assembly can then be authenticated regarding the 
integrity of content, date, and possibly ownership. In summary, this 
method makes it.. .to be used in combination with all other data to be 
certified to generate a unique hash code. Thereafter an attempt to 
tamper with the integrity of one data would require actions on both the 
physical and logical sides, but also on the authenticating part of the 
bubble seal, which is physically and logically impossible unless the 
constitution of.. .electronics where the seal is the certification seal 
but also the key for computing and verifying authenticity... 

Exemplary or Independent Claim(s): 

1). Method for certification and later authentication of original 
information under the form of text or binary files (15) or of 
original... 

...or information (15) which content integrity is certified by the issuer 
is associated with a unique and non-reproducible authenticator 

constituting a seal (7) previously recorded in a centralized BD1 
database (9) of a trusted... 

...information to be certified 

b) said original document (8) or information (15) associated with 
said unique and non-reproducible authenticator (7) is digitalized 
opto-electronically using a device (1) enabling, in a single 
operation, to link the content of document (8) or information (15) 
with said unique and non-reproducible authenticator (7). Reading 
device (1) is connected directly or indirectly through a network (18) 
to a... 

...stamped, non-modifiable, and non-rewritable. 

c) Original document (8) or information (15) and associated 
authenticator are sent and recorded in the BD2 recording system (10) 
(13). 

d) In order to... 

...logical copy (8') archived in the BD2 recording system at the address of 
the associated authenticator , or by comparing condensed summaries 
product of applied hashing function integrating content, date, and 
property... 1) type of scanner enabling simultaneous recording of an 
original document (8) and of its authentication bubble seal (7) for 
the purpose of proving subsequently that the assembly is authentic, 
characterized... 
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Non-exemplary or Dependent Claim(s): 

...claim 1, characterized in that the access to BD2 computer recording 
system (10) (13) is authorized by a biometrical print control done 
through a sensor (14), said prints being recorded previously... 

..3). Method according to claim 1, characterized in that the associated 
unique and non-reproducible authenticator is a bubble seal (7... 

..1) is a customized scanner with bubble seal (6) integrated in said 
scanner enabling its authentication and its affiliation 
simultaneously upon reading original document or information, (8) 
(15) and of its. ..and user assignment of bubble seal (6) linked to 
reading device (1) and of its authenticating characteristics in BD1 
database (9) constituting a trusted third party; 
Pre-recording and user assignment in BD1 database (9) of adhesive 
bubble seals (7) permitting to authenticate each original document 
(8) or original information (15); 
Apposing a bubble seal (7) by collage... 

..7) on scanner (1) and launching global reading of document (S) and of 
the associated authenticating pari contained in seal (7), and 
simultaneously, in the same reading, of bubble seal (6) linked to 
scanner (1); 

Querying trusted BD1 database (9) in order to verify whether the 
bubble seal (7) is pre-recorded, not used, and possibly not yet 
consulted... 

..that the logical content of information archived in the BD2 system is 
associated with the unique logical signature extracted from the 
physical authenticator for generating a one way hash code of ... 
that the logical content of information archived in the BD2 system is 
associated to the unique logical signature extracted from the 
physical authenticator related to the originals and to the logical 
signature extracted from the physical authenticator related to the 
BD2 base in order to generate a one way hash code of.. .in that 
computer recording system BD2 is a write-once DVD type of medium (13) 
authenticated by a bubble seal (16) that is physically integrated 
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Description of the Invention: 

...interface (e.g., dialogs or wizards) to have the user help implement 
the change, or confirm that the change is acceptable. The current state 
is preserved before the change occurs, such.. .the exemplary operating 
environment include, but are not limited to, magnetic tape cassettes, 
flash memory cards , digital versatile disks, digital video tape, solid 
state RAM, solid state ROM, and the like. ..the like that obtains 
information from the user for configuring the new settings and/or 
confirming the change. Alternatively (or in addition to), the user may 
be asked what settings and.. .0046] FIG. 4 shows such an alternative 
implementation having the bubble code 404 (comprising parts 404s and 
404e) run in the application program's process space 414... 

...amount of start code 402s that calls into the operating system 412 to 
load the bubble code , e.g., maintained in the form of a dynamic link 
library (DLL) 416 or the... 

...0047] When the bubble code is loaded, represented in FIG. 4 via the 
arrows labeled four (4) and five (5), the bubble code includes start 
code 404s and end code 404c that essentially surrounds the main 
application code. ..in the system setting block 406 (arrow twelve (12)). 
Arrow thirteen (13) represents the program/ bubble code closing; there 
may be application end code (not show n) to perform the close operations 
...0061] As can be appreciated, conflict resolution is determined by 
the bubble 604 maintaining multiple settings, and selectively applying 
settings based on the various. ..to use. The notion that these setting(s) 
are contained in a "bubble" is also unique to this invention. Changes 
can involve wizards or other UI to implement the change, multiple changes 
can be encompassed in a single bubble, the actual change can be 
determined at application runtime (e.g., based on application 
heuristics), and no special system support is... 

Exemplary or Independent Claim(s): 

Non-exemplary or Dependent Claim(s): 

...3. The method of claim 1 wherein creating the bubble comprises 
loading bubble code in a process space that is separate from a 
process space of the application program... 

...method of claim 1 wherein the at least one system setting is changed via 
the bubble code based on a request from the application program 
and returning the application program to execution... wherein the 
state data of at least one system setting is inferred automatically 
by the bubble code based on at least one system setting change 
requested by the application program... 
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Method and Device for Verification of Non Intrusion Into a System and/or 
Non-Violation of the Integrity of an... 

Abstract: 

[00000] The invention relates to a method and device for verification 
of non-violation of the integrity of a system or the identity of an 
object. An authentication seal is used, comprising a physical 
authenticator with bubbles (3 ) produced by a chaotic process on the 
production thereof, a characteristic of which is to be always unique 
and non-reproducible. A representation of said identifier with bubbles is 
stored in the form... 

...image and/or digitally in a database local or remote to the address 
(17), for authentication of the assignment of the identifier in situ or 
on the object for protection. Said authenticator is provided with a 
physical connection (16) which permits connection to the site or object 
for identification. Any attack on the integrity of the seal, whether on 
the authenticator and/or the connection, irreversibly alters the total 
seal such as to render the same un-reusable. Said authentication seal 
comprises a means for prevention of violation of the integrity of a site 


Description of the Invention: 

...the integrity of a site, of an object or of a system, and 
consequently to verify that an attempt to violate or an effective 
violation in a site or a protected... 

...0002] There are a multitude of methods for verifying the intrusion or 
the attempt to intrude into a system or a site for protection by 
unauthorised persons and to identify and authenticate objects ...who 
does not stop the alarm beforehand using a secret code for example or an 
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authorised biometric print... 


...0005] Cards (smart, magnetic. ..an object. These seals may take several 
forms according to the application. In theory the verification of the 
physical integrity of the seal allows to ensure there has been no 
violation.. .object, a complex system or a machine or a person by means of 
an identity card , this support bearing the hallmark of the Authority 
that issued it and that allows to authenticate it. The applications 
implementing identification plates or supports are numerous and varied, 
among the most.. .the first is that they can very easily be identically 
reproduced with rough means the authenticating element or seal 
included, in fact large quantities of them are commonly available; the 
second.. .same way. Thus, one way on another, it is becoming extremely 
easy for a person determined to violate a system and to physically 
access confidential data, for example in an electronic establishing a 
union between itself and one or more elements that can be authenticated 
by an Authority that marks the seal with its hallmark (State hallmark for 
example... 

...which the first opening results in the cutting of the lower portion of 
the closure attached to the bottle. This portion constitutes a seal 
between the closure and the bottle and enables the consumer to verify 
that the bottle has not been opened.. .0016] likewise, a national identity 
card must constitute a seal between the citizen who owns it and the 
State that issued... 

...0017] a bank card must constitute a seal between the customer who owns 
it, of which he knows the...0018] a health card must constitute a seal 
between the patient who owns it, the health agency that allocated... 

...contents of the package or rights unauthorized for the holders of false 
documents. Indeed, the authentication elements of such documents are 
either complex prints, or holograms, or filigrees or invisible ink... 

...who will be able to uncover the secrecies shared and thus produce "real 
fake" identity cards , health cards , bank cards and so on.. .Patent 
FR2848698 of the same applicant and inventor, relates to a method of 
identification and authentication of an object or a living being 
without a specific reader. In this document, it is recommended to attach 
an identifier difficult or impossible to reproduce to the object or the 
living being for identification or authentication . As can be 
appreciated, this document does not refer to a system of verification 
of non-intrusion into a system or a site for protection or non-violation 
of... 

...analysing it, . . . without this being visible. At worst, it is even 
possible to remove the authenticator from an object without destroying 
it and to affix it on another object... possible to contain an electronic 
identification code that can be interrogated remotely. There is nothing 
unique about this type of transponder as it is possible for a person or 
an organisation... 

...the present invention as described hereinafter, the method of 
non-intrusion is based on a unique authenticator that cannot be 
reproduced identically and that is recorded in a database, consequently, 
even if... method according to the invention plays a preventive role as it 
makes it possible to verify the non-intrusion into a system or a site 
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for protection in an unquestionable way... 

...0027] According to a first particularly innovative and inventive 
feature, a unique physical authenticator that cannot be reproduced 
identically is used to ensure its non-interchangeability and of which... 

...stored in a local or remote database, To ensure the non-reproducibility 
of the physical authenticator avolumic identifier that is the result 
of a chaotic process impossible to control by be the formation of bubbles 
upon the hardening of the material constituting said authenticator . 
Thus, contrary to prior devices of the art which are the result of a 
manufacturing... 

...mastered by man and thus reproducible by another person in possession of 
similar tools, each authenticator used in the present invention is 
unique and impossible to reproduce by man as it is the result of a 
process uncontrolled... 

...the latter. This feature makes it possible to permanently eliminate the 
possibility of anyone obtaining authenticators or seals identical to 
the originals. In this manner, the only remaining means of accessing... 

...inside of the system or site for protection is to try to recover said 
original authenticator without destroying it. In order to solve this 
second problem and according to a complementary feature the 
authenticator is associated by a physical connection with the system or 
the site for protection or... 

...attempt to open the system or the site for protection visibly modifies 
or destroys the unique physical authenticator that is original and 
non-reproducible by making it unusable and/or visibly modifies or 
destroys the connection associating said physical authenticator with 
the system or with the site for protection or with the object and such 
that the verification of the integrity of the physical authenticator 
and of its correspondence to its representation stored in the database 
guarantees the fact that... 

...place. In practise several solutions exist with regard to the choice of 
a tamper-proof authenticator as well as to the choice of a physical 
connection to the system for protection0028] According to a further 
feature, as a unique physical authenticator that cannot be reproduced 
identically i.e. that is impossible or extremely difficult to clone... 

...image, or digitally designed using remarkable elements, of position, of 
dimension etc. of the heterogeneities embedded in the volume, the two 
forms of image and digital representation being able to coexist... 

...0029] According to another feature and a preferred method, a transparent 
volumic authenticator made of glass ceramic, plastic or polymers 
containing visible bubbles of which the number, the... 

...from chaotic self-generation that cannot be controlled by man is used. 
Said type of authenticator is particularly interesting as it is always 
unique and cannot be cloned by man. Patent PCT FR/01/00322 of the same 
applicant and the same inventors suggests this type of authenticator 
with bubbles with a suitable reading system. In the case of the present 
invention it is a question of using this authenticator with bubbles in 
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a particular method of which the purpose or aim is to block or to 
prohibit access to systems or sites or to verify the integrity or the 
identity with information associated with an original object. In the same 


...and/or digital form is stored in a database in order to be able to 
verify the integrity of said original authenticator . Another type of 
authenticator can be constituted using the physical connection or the 
object as such by indexing a... 

...same way in a local or remote database or may be printed next to this 
authenticating portion. To all of the cited tamper-proof authenticators 
, others may certainly be added without departing from the scope of the 
invention. In all instances, it is necessary to store a representation of 
the characteristic elements of the chosen authenticator in a database 
or to print a signature specific to the authenticator locally and 
according to a chosen algorithm... 

...a further feature, the memory and/or the database in which a 
representation of the authenticator is stored, is/are physically 
located in the system or/and the site for protection ...the support 
itself but the contents thereof can be read from the outside by an 
authorized person. This representation of the authenticator 
constitutes a key providing access to the physical system and or logic 
information... 

...0031] According to a further feature the representation of the 
authenticator in image and/or digital form may be consulted via an 
Internet-type telecommunication network... 

...contents stored in image form and/or digitally may be consulted by a 
controller or authorised agent in several ways. A first way consists in 
visually comparing the representation in the form of an image stored in 
the local and/or remote database with the physical authenticator by 
analysing the similarity of the bubble or heterogeneity positions. There 
are several means of of the authenticator in the remote database is 
used, the call directing code may be digital, alphanumeric, a... 

...0034] According to another feature the method for verification of 
non-intrusion into a system or a site for protection or for non-violation 


...the integrity of an object according to the invention is earned out by 
comparing the authenticator automatically, using a suitable reader, 
with the digital representation thereof stored in a local or... 

...0035] According to a further feature of the method according to the 
invention, the unique and non-cloneable and therefore tamper-proof 
authenticator is associated with the system or the site for protection 
by a physical connection such that any attempt to open visibly modifies 
or destroys said authenticator making it unusable and/or visibly 
modifies or destroys the connection associating the authenticator with 
the system or with the site for protection... 

...According to the invention, this physical connection is an extremely 
important element as with the authenticator becoming unattackable owing 
to the intrinsic features of non-reproducibility thereof, forgers will 
try to... 
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...hence and according to a feature of the method, the physical connection 
associating the physical authenticator with the system or with the site 
or with the object for protection and for unquestionable identification 
is a wire integrated in a permanent and irreversible manner into both the 
authenticator and the element for protection... 

...0037] According to one feature this physical connection is partially 
integrated into the authenticator with bubbles on the production 
thereof. According to a preferred and particularly inventive alternative, 
one of the ends of a metal or non-metal wire is embedded in a polymer 
or transparent material sandwiched between two sheets of which at least 
one. ..sandwiched and ultrasonically welded between the two sheets renders 
the connection irremediably associated with the authenticator and with 
the system for protection. Any intrusion attempt will modify or break 
either the connection itself, or the authenticator , making it possible 
to provide proof of an effective violation or attempted violation of 
system... 

...ends can be ultrasonically welded. This form of seal may also be 
suitable to be affixed to any object of which the original integrity 
needs to be maintained.. .0038] According to a further feature of the 
method, the physical connection associating the physical authenticator 
with the system or with the site or with the object for protection is a 
transparent polymer uniting the authenticator and the element for 
protection in a permanent and irreversible manner. By way of example... 

...access to the mechanical system on the one hand and/or prohibiting 
recovery of the bubble code on the other hand. The general object of 
the invention is to protect the integrity... 

...0039] Regardless of the implementation thereof, the volumic physical 
authenticator and the physical connection together constitute a very 
high security authentication device or seal intended to prove the 
non-violation of a system ...principle of defense in depth. Thus, 
according to a further feature of the invention this authentication 
seal is characterised in that it constitutes a unique and 
non-reproducible volumic physical authenticator of which a 
representation is stored in a database and of a physical connection 
integrated into said authenticator which makes it possible to associate 
it with the system for protection or for identification... 

...on the seal itself intended to prove the identity of an object 
irreversibly alters said authentication seal... 

...present innovation provides a suitable solution for incontrovertible 
proof. In applications such as national identity cards , passports, 
health cards , bank cards , etc it is necessary on the one hand to 
prove the authenticity of the document issued by the authority and on the 
other hand to prove the assignment of this unique document to a well 
identified person and not to another. An authenticator with bubbles 
such as described previously internally laminated in the card body on 
the production thereof makes it possible to render it always unique and 
totally non-reproducible. Such an authenticator with bubbles which is a 
three-dimensional chaos ...This public physical key is integrated into 
an official document and is indexed in the embedded memory or 
cryptomemory and/or in the issuing organization database. Having become a 
key accessible only for reading and never for writing, this physical 
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authenticator will fulfill several functions simultaneously, namely... 

...0041] it allows both the visual and electronic authentication of each 

physical support guaranteeing and proving the legal and individual 

existence of each document... 
...0042] it allows to verify and prove the assignment ...generator of 

logical keys, it allows to guarantee the integrity of the contents of the 

embedded memory... 

...feature, an RFID (radio frequency identification) can be associated with 
and physically integrated into the authenticator with bubbles according 
to the present invention to form a high security seal. In this case, the 
only purpose of the RFID would be to identify and verify the coherence 
between a logical signature extracted from the bubble code and that 
stored in the RFID memory. This application proves to be of much interest 
to secure an entire traceability chain by sampling to authenticate 
certain objects among batches of identical objects. Concretely the RFID 
antenna or the silicon chip can be partially or wholly embedded in the 
material constituting the authenticator with bubbles on the production 
thereof. .shown. One of the ends (6) of a wire (8) is integrated 
beforehand into the authenticator with bubbles (3) on the production 
thereof. This authenticator with bubbles (3) is sandwiched between two 
sheets (4) and (5) of which at least... 

...is visible. If substitution with another seal takes place, the latter 
will necessarily have another authenticator inevitably different as 
they are all unique as has been explained. Thus when checked by an 
authorized person, the latter will be able to verify whether or not 
the authenticator corresponds to the image signature or the digital 
signature stored in the local and/or... 

...tank (13) built into the lid (1), this resin constitutes the physical 
connection between the authenticator and the object for protection. A 
unique and non-reproducible volumic identifier of the type with bubbles 
(3) is incorporated into the transparent resin (12) before the hardening 
thereof. The authenticator (3) will have been subjected to preparation 
of the surface beforehand permitting very strong adherence... 

...order to prohibit any scraping of the resin (12) which would give access 
to said authenticator (3) so as to recover it intact. In these 
conditions, we appreciate that it is... 

...to access the screw (11) which permits the opening of the lid without 
damaging the unique authenticator (3). In order to simulate a 
non-opening, the forger will try to cast a new resin (12) with a new 
authenticator (3) so as order to give an appearance of non- ...0049] A 
unique and non-clonable authenticator (3) sandwiched between a lower 
reflecting metal plated polyester sheet (5) and an upper much...the 
assembly is then pressed. Thus the connection wire (8) constituting the 
connection between the authenticator (3) and the elements (1) and (2) 
of the system for protection is inviolable without... 

...intrusion or intrusion attempt is visible as the integrity of the 
connection or of the unique authenticator is violated, or there is 
nothing apparently visible in which case it is necessary to verify 
whether the physical authenticator (3) and its representation in the 
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local or remote database correspond.. .necessary with the object for 
protection according to the invention. In this version the volumic 
authenticator (3), with bubbles for example, is sandwiched between a 
transparent upper sheet (4) and a... 

...5). A wire (8) of a length greater than the seal is integrated inside 
the authenticator (3) on the production thereof. Microcut areas are 
provided on the lower sheet (5). These... 

...the support of which the integrity needs to be protected, the wire (8) 
is then embedded in a transparent resin. Violation of the seal in 
attempt to recover it integrally without... 

...signatures stored in the database in addition to the bubbles or other 
elements characterizing the authenticator ...necessary into the object 
for protection according to the invention. In this version the volumic 
authenticator (3), with bubbles for example is directly integrated on 
production into a self-gripping attachment... 

...made of reflective stainless steel for example, the assembly is a 
one-piece unit. An authenticator with bubbles (3 ) is positioned in a 
tamper-resistant manner by gluing or direct adherence... 

...end (16) is subsequently inserted into the (15) non-reverse passage. In 
these conditions, the authenticator (3) and the physical connection 
permitting connection to the object are inseparable without destruction 
thereof... 

...engraved on the collar, it constitutes the call identifier in the 
database in order to verify that it is indeed the correct bubble 
code and to acknowledge the authentic object to which it is attached 
and information associated there with... or if necessary into the object 
for protection or identification. In this version the volumic 
authenticator (3), with bubbles for example is directly integrated upon 
production into a metal nameplate (5... 

...number, the date and the country of production, the name of the 
manufacturer etc. The authenticator (3) is adhered in a 
non-dismountable manner within a space provided for this purpose... 

...only from the inside but at the price of destruction thereof or even of 
the authenticator with bubbles (3) if dismounted. Naturally any other 
rivet or blind rivet system rendering the... 

...alphanumeric, RFID, bar-code, magnetic etc., can be associated to access 
the database and thus verify the authenticity of the seal or of the 
identification plate in comparison to the object...seal associates an 
adhesive base (21) referred to as "VOID" or "Temper evident" with an 
authenticator with bubbles (3) integrated in a non-dismountable manner 
into said base (21). This type... 

...7 is shown, applied to the capsule (1) of a bottle (2) so as to 
authenticate not only the container but also to guarantee the integrity 
of the contents. In this. ..7 is shown, applied to the closure (1) of a 
casing (2) so as to authenticate not only the container but also to 
guarantee the integrity of the contents. In this... 
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...0060] In FIG. 9B, an authenticator with bubbles (3) in the form of a 
label of the type described in FIG.. .0061] In FIG. 10, an authenticator 

with bubbles (3) comprising a public physical key laminated in a card 
body (23) on the production thereof between two protective sheets (24) 
forming a sandwich is shown. Such a support integrating a unique and 
non-reproducible authenticator constitutes an intrinsically secured 
unit permitting access either to allocated rights stored in a database... 

...person to buildings, the right to withdraw money or to make payments for 
a bank card , proof of identity and citizenship for an identity card 
or a travel right for a passport. In the present case, the authenticator 
(3) may be associated with a memory or a ciyptoprocessor. This memory 
may be magnetic connection associating the physical authenticator (3) 
with the card body (23). It is evident that several embodiments exist 
without departing from the present invention. By way of example, it would 
be possible to provide a spotfacing in the card body (23), to insert 
the authenticator therein and to apply only one protective sheet (24) 
to the card body and to the authenticator to physically connect the 
authenticator (3) to the card body (23). Thus the authenticator (3) 
may be directly integrated by lamination into a card body under one or 
between two sheets (24) forming a sandwich... 

...0063] In FIG. 1 1, an authenticator with bubbles (3) into which an RFID 
(22) (radio frequency identification) is partially inserted. In... 

...case, by way of a non-limitative example, an image or a logical 
signature extracted authenticator with bubbles (3) is encrypted and 
stored in the memory of RFID (27) thus permitting, not only 
identification conferred by the RFID, but very high security 
authentication conferred by the bubble code (3) during a check "in 
situ... 

...0064] According to a further feature of the authentication method and 
seal, it is particularly inventive to associate at least two 
authenticators of the codes with bubbles type between themselves by 
means of at least two seals each of which are affixed to at least two 
physically separable portions of the system or the site or the... 

...the same database, the same call number or address in the database then 
allows to verify the association between the one and the other, among 
others this feature allows to combat... 

...0065] According to a further feature of the authentication method, at 
least two authenticators of the type with bubbles may be associated on 
one same seal affixed to at least two physical elements, and the same 
call identifier then allows to verify all of the authenticators 
constituting the seal.. .multitude of industrial, logistic and domestic 
applications are possible: container or cargo seal with intermediate 
verifications upon customs clearance for example by verifying the 
authenticity of the seal recorded in the database and simultaneously 
accessing accurate information on the nature and the object of the cargo; 
measuring or metrology instrument seals verified by competent or State 
organizations; seals of computer-type electronic instruments or 
tachograph- type data... 

...of then hence becoming tamper-proof seals), seals of administrative 
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documents such as national identity cards and passports. 
Exemplary or Independent Claim(s): 

1) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 

..of non- violation of the integrity of an object (20) (23) characterized 
in that a unique and physical authenticator that cannot be 
reproduced identically is used with a volumic authenticator which 
is the result of a chaotic process (3) in order to guarantee its 
non-interchangeability and of which a representation is stored in a 
database, and said authenticator (3) is associated by a physical 
connection (8) (12) (14) (18) (21) (22) (24) to... 

..the integrity of the object visibly modifies or destroys the physical 
connection associating said physical authenticator with the system 
or with the site or with the object for protection and that the 
verification of the integrity of the physical authenticator and of 
its correspondence to its representation stored in the database 
guarantees the fact that... 

..15) Authentication seal purposed to prove the non-violation of a 
system or of a site (1... 

..or of the identity of an object (20) (23) characterised in that it 
constitutes a unique and non-reproducible physical volumic 
authenticator (3) of which a representation is stored in a database 
and of aphysical connection (8) (12) (14) (18) (21) (22) (24) 
integrated into said authenticator which makes it possible to 
associate it with the system for protection (1) (2) (25... 

..on the seal itself intended to prove the identity of an object 
irreversibly alters said authentication seal... 

..24) Authentication method purposed to prove the non-violation of a 
system or of a site (1... 

..and/or the identity of an object (20) (23) characterised in that at 

least two authenticators of the type with bubbles are associated by 
means of at least two seals each of which are affixed to at least 
two physically separable portions of the system or the site or the 
object, and that same call or address identifier in the database then 
allows to verify the association between the one and the other in 
the database... 

..25) Authentication method purposed to prove the non-violation of a 
system or of a site (1... 

..and/or the identity of an object (20) (23) characterised in that at 
least two authenticators of the type with bubbles are associated 
on one same seal affixed to at least two physical elements, and 
that same call identifier then allows to verify all of the 
authenticators constituting the seal. 

Non-exemplary or Dependent Claim(s): 

2) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 
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...integrity of an object (20) (23) according to claim 1, characterized in 
that the physical authenticator that cannot be reproduced 
identically (3) is a transparent volumic authenticator with random 
internal heterogeneities of which a representation may be encoded... 

...3) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 

...of an object (20) (23) according to claim 1, characterized in that the 
transparent volumic authenticator (3) contains visible bubbles of 
which the number, the shape and the arrangement are the... 

...4) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 

...20) (23) according to claim 1, characterised in that the physical 
connection associating the physical authenticator (3) with the 
system or with the site or to the object for protection is a wire (8) 
integrated in a permanent and irreversible manner into both the 
authenticator (3) ...5) Method of verification of non intrusion 
into a system or a site for protection (1) (2) (25) (26... 

...20) (23) according to claim 1, characterised in that the physical 
connection associating the physical authenticator (3) with the 
system or with the site (1) (2) (25) (26) or with the object (20) 
(23) for protection is a transparent polymer (12) joining the 
authenticator (3) and the element for protection in a permanent and 
irreversible manner... 

...6) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 

...20) (23) according to claim 1, characterised in that the physical 
connection associating the physical authenticator (3) with the 
system or with the site (1) (2) (25) (26) or with the object (20) 
(23) for protection is an RFID partially or wholly inserted into the 
authenticator (37) Method of verification of non intrusion into a 
system or a site for protection (1) (2) (25) (26... 

...20) (23) according to claim 1, characterised in that the physical 
connection associating the physical authenticator (3) with the 
system or with the site (1 ) (2) (25) (26) or with the... 

...8) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 

...20) (23) according to claim 1, characterised in that the physical 
connection associating the physical authenticator (3) with the 
system or with the site (1) (2) (25) (26) or with the... 

...9) Method of verification of non intrusion into a system or a site for 
protection (1) (2) (25) (26... 10) Method of verification of non 

intrusion into a system or a site for protection (1) (2) (25) (26... 

...23) according to claim 1, characterised in that an image or the 

signature of the authenticator (3) is stored in the memory of the 
RFID (27) inserted into said authenticator . 


EIC3600 SEARCH RESULTS 


81 


5/6/2009 


.11) Method of verification of non intrusion into a system or a site 
for protection (1) (2) (25) (26... 

.claim 1, characterized in that an image and/or digital representation of 
the transparent volumic authenticator (3) is stored in a remote 
memory or database that may be consulted via a 12) Method of 
verification of non intrusion into a system or a site for protection 
(1) (2) (25) (26... 

.the integrity of an object (20) (23) according to claim 9 characterised 
in that the verification of the integrity of the physical 
authenticator is made by visual comparison of the transparent 
volumic authenticator (3) with the image thereof stored either in a 
local database or in a remote... 

.13) Method of verification of non intrusion into a system or a site 
for protection (1) (2) (25) (26... 

.the integrity of an object (20) (23) according to claim 9 characterized 
in that the verification of the integrity of the authenticator 
(3) is made by automatic comparison, using a suitable reader, with 
its digital representation stored... 

.14) Method of verification of non intrusion into a system or a site 
for protection (1) (2) (25) (26 an identifier (17) is associated with 
the authenticator corresponding to the address thereof in the 
database... 

.16) Authentication seal purposed to prove the non-violation of a 
system or of a site (1... 

.the identity of an object (20) (23) according to claim 15 characterised 
in that the unique and non-reproducible physical volumic 
authenticator is a volumic authenticator with bubbles (3... 

.17) Authentication seal purposed to prove the non-violation of a 
system or of a site (1... 

.the identity of an object (20) (23) according to claim 15 characterised 
in that the unique and non-reproducible physical volumic 
authenticator is a volumic authenticator with bubbles (3) of which 
the volume integrates a wire (8) constituting the physical connection 


.18) Authentication seal purposed to ...the identity of an object (20) 
(23) according to claim 15 characterised in that the unique and 
non-reproducible physical volumic authenticator is a volumic 
authenticator with bubbles (3) of which the volume integrates a wire 
(8) that is sandwiched between... 

.the lower sheet (5) features microcuts (14), the assembly constituting 
the physical connection between said authenticator and the system 
or the object for protection and/or for identification... 

.19) Authentication seal purposed to prove the non-violation of a 
system or of a site (1... 


EIC3600 SEARCH RESULTS 


82 


5/6/2009 


...of an object (20) (23) according to claim 15 characterised in that in 
that the unique and non-reproducible physical volumic 
authenticator is a volumic authenticator with bubbles (3) directly 
integrated into an irreversible single-unit cinch-up tie (19... 

...20) Authentication seal purposed to prove the non-violation of a 

system or of a site (1... 

...of an object (20) (23) according to claim 15 characterised in that in 
that the unique and non-reproducible physical volumic 
authenticator is a volumic authenticator with bubbles (3) directly 
integrated into a nameplate (20) itself irreversibly fixed to the 
object... 

...21) Authentication seal purposed to prove the non-violation of a 
system or of a site (1... 

...of an object (20) (23) according to claim 15 characterised in that in 
that the unique and non-reproducible physical volumic 
authenticator is a volumic authenticator with bubbles (3) directly 
integrated by laminating into a card body under one or two sheets 
(24) forming a sandwich... 

...22) Authentication seal purposed to prove the non-violation of a 
system or of a site (1... 

...of an object (20) (23) according to claim 15 characterised in that in 
that the unique and non-reproducible physical volumic 
authenticator is a volumic identifier with bubbles (3) directly 
integrated into an adhesive label (21) comprising23) Authentication 
seal purposed to prove the non intrusion into a system or a site (1) 
(2... 

...23) according to claim 15, characterised in that a destructible adhesive 
label (21) comprising an authenticator with bubbles permits the 
connection via an opening between a primary package (25) and a... 
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Fulltext Word Count: 8977 

Summary of the Invention: 

...interface (e.g., dialogs or wizards) to have the user help implement 
the change, or confirm that the change is acceptable. The current state 
is preserved before the change occurs, such... 

Description of the Invention: 

...the exemplary operating environment include, but are not limited to, 
magnetic tape cassettes, flash memory cards , digital versatile disks, 
digital video tape, solid state RAM, solid state ROM, and the like.. .the 
like that obtains information from the user for configuring the new 
settings and/or confirming the change. Alternatively (or in addition 
to), the user may be asked what settings and.. .0046] FIG. 4 shows such an 
alternative implementation having the bubble code 404 (comprising 
parts 404s and 404e) run in the application program's process space 414 


...amount of start code 402s that calls into the operating system 412 to 
load the bubble code , e.g., maintained in the form of a dynamic link 
library (DLL) 416 or the... 

...0047] When the bubble code is loaded, represented in FIG. 4 via the 
arrows labeled four (4) and five (5), the bubble code includes start 
code 404s and end code 404e that essentially surrounds the main 
application ...in the system setting block 406 (arrow twelve (12)). 
Arrow thirteen (13) represents the program/ bubble code closing; there 
may be application end code (not shown) to perform the close operations 
...0061] As can be appreciated, conflict resolution is determined by 
the bubble 604 maintaining multiple settings, and selectively applying 
settings based on the ...to use. The notion that these setting(s) are 
contained in a "bubble" is also unique to this invention. Changes can 
involve wizards or other UI to implement the change, multiple changes can 
be encompassed in a single bubble, the actual change can be determined 
at application runtime (e.g., based on application heuristics), and no 
special system support is... 

Exemplary or Independent Claim(s): 

Non-exemplary or Dependent Claim(s): 

...3. The method of claim 1 wherein creating the bubble comprises 
loading bubble code in a process space that is separate from a 
process space of the application program... 

...settings to be changed comprises changing the current system resources 
and/or settings via the bubble code based on a request from the 
application program and returning the application program to 
execution.. .of claim 1 wherein the system resources and/or settings 
to be preserved by the bubble code are specified by the 
application program requesting changes... 

...of claim 1 wherein the system resources and/or settings to be preserved 
by the bubble code are inferred automatically by the bubble 
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code based on at least one system resource and/or setting change 
requested by the application... 
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Fulltext Word Count: 3219 

Method to make transactions secure by means of cards having uniqe and 
non-reproducible identifiers 

Abstract: 

[00000] A method for making transactions secure based upon a card 
-type medium (2) comprising a number (4) and a remote database (5) 
connected to a telecommunications network. A unique and 
non-reproducible identifier (3) in the form of a bubble code is 
physically affixed to the card (2) comprising a number (4) contained 
either on a magnetic strip, of a bar code... 

...call is made to the remote database by means of the number recorded on 
the card , a link authentication is performed by comparing the 
representation of the identifier stored in said database and the... 

Summary of the Invention: 

...relates to a method making transactions secure by means of bank, 
loyalty, subscription, or access authorization cards among others, 
which comprise a magnetic strip, a bar code or an electronic chip as... 

...0002] The magnetic strip or tape used as a data-recording medium on a 
card permitting access to various payment, subscription, and database 
access services, among others, is an extremely... 

...At the banking level in France, this solution was abandoned and replaced 
by the chip card or smart card . However, the aforementioned solution 
is very widespread in all other countries worldwide. Charge-type payment 
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...with the use of magnetic strips. In fact, none of the data stored on a 
card can be kept secret or made inaccessible. Thus, it becomes possible 
to create fake cards or to insert false information. In numerous cases, 
the magnetic strip card is equipped with a PIN code, which permits the 
level of security to be increased since only the card 's owner knows the 
code; however, experienced swindlers could decipher it even though it 
would... 

...0003] The purpose of this invention is to provide a method permitting 
the card -based transactions to be made secure at a relatively modest 
cost that is acceptable to all users. To this end, it utilizes a card 
-type medium comprising a number and a database linked to a 
telecommunications network... 

...0004] The invention is characterized in that an always unique and 
non-reproducible identifier is physically integrated in the medium 
comprising the number, in that... 

...that the stored information comprises at least one image and/or numeric 
signature of the unique and non-reproducible identifier, in that the 
link authentication is effected by means of a comparison between a 
representation of the identifier stored in... 

...the medium, and in that if there is agreement between the two, the 
transaction is authorized . 

[... 

...limiting examples, this other data could be information pertaining to 
the cardholder or the object authenticated by this system. In a 
preferential manner, it may be advantageous to store biometric 
information about the holder to whom the card was given, such as 
his/her photograph and or digital fingerprint and/or DNA and... 

...a method enabling generation of a non-forgeable link between the number 
contained on the card -type medium and information stored under the same 
number in a secure and remote database. Only the authentication of this 
unforgeable link can authorize the transaction. The number on the card 
-type medium may be recorded in various ways. As non-limiting examples, 
the number may 

Description of the Invention: 

...0009] FIG. 3 represents an embodiment of a unique and unforgeable 
identifier... 

...forgeable link in accordance with this invention uses a physical 
identifier. This identifier is physically affixed to the unit bearing 
the number, for example the familiar, standard format, plastic card . 
Another characteristic of this procedure is brought about by the fact 
that the identifier is always unique and non-reproducible and therefore 
it constitutes an unforgeable link between the number recorded on the 
card -type medium and the same number contained in the database. To this 
end, the claim... 

...has conducted extensive research and according to another especially 
innovative and inventive characteristic, whereby the authentication 
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procedure of the unforgeable link may be visual... 


...suitable to create an unforgeable link. Said bubble identifier, whose 
identical reproduction is impossible, is affixed on the card -type 
medium comprising the number. An image of the identifier, in which the 
bubbles and... 

...recording means. When the operator calls the database thanks to the 
number recorded on the card , for example on the magnetic strip, it 
appears on the monitor or printed directly on... 

...database. All one has to do is visually compare the actual and 
non-reproducible identifier affixed to the card -type medium to the 
image received. The operator can then authenticate the link and declare 
the transaction as valid. Thus, this visual link authentication 
solution may be implemented very quickly by means of existing 
infrastructures and therefore without additional investments. Only the 
card -type media comprising the bubble volume-based identifier incur 
additional identifier-related costs. In this case, for the 
authentication to be complete, the operator must ensure that the 
identifier is three-dimensional... 

...0012] According to another characteristic, the non- falsi fiable link 
authentication procedure may be automatic. In this case, the card 
comprising the number and the unique and non-reproducible identifier 
has the number and the identifier read by means of a... 

...s) adapted for reading. The part of the reader integrating the read mode 
of the unique and non-reproducible identifier can analyze and decide on 
the identifier's characteristic elements, thereby... 

...practical manner, when the operator calls up the database for the number 
recorded on the card , the integrated reader simultaneously captures the 
identifier; the identifier's image or its representation is... 

...is performed and compared to that stored in said database. If there is 
agreement, link authentication exists and the transaction is 
authorized . In this case, the three-dimensional image of the identifier 
may be verified by subjecting it to different lighting... 

...is comprised of self-generated bubbles, it is preferable to record the 
number on the card -type medium in the form of a two-dimensional data 
matrix-type code. Thus, the... 

...preferentially arrange the identifier and the two-dimensional code in a 
preferential manner on the card , in such a way as to allow reading them 
both in the same operation... 

...0015] In order to authenticate an identifier, we can access the 
database with a mobile phone. In that case, the... 

...image of the identifier is sent back onto the phone display. The 
operator can then authenticate by checking the match between the 
picture signature on the display and the identifier. In... 

...principle. A medium (2) that may be an ISO-format magnetic strip plastic 
or paper card comprises an identifier (3), whose characteristic 
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elements are always unique and unforgeable, is physically affixed to 
it. The magnetic strip comprises an encoded number (4). A representation 
in the form... 

...modes. In the visual mode, an operator (13) inserts into a magnetic 
reader (8) a card (2) provided with a magnetic strip (1) and a bubble 
identifier (3) whose characteristic feature is that it is always unique 
and non reproducible. After reading of the number (4) recorded on the 
magnetic strip (1... 

...of the printer (10). If there is visual agreement, this means that the 
link's authentication is established and the operator (13) may validate 
the transaction... 

...0019] In the automatic mode, a card (2), bearing a magnetic strip (1) 
and a bubble identifier (3) characterized by always being unique and 
non reproducible, is inserted into a device comprising a magnetic reader 
(8) and a... 

...finishes reading the number (4) contained on the magnetic strip and 
reading the volume-based authentication of the bubble identifier (3), 
the image is captured and sent via (9) toward the... 

...they are identical, a message (14) appears on the terminal (10) 
signifying that the link authentication is established and that the 
transaction is validated... 

...reading the number in the magnetic strip. In particular, this PIN code 
allows one to verify that the cardholder is indeed its owner... 

...Conversely, the comparison may also be made at the database-level. In 
the same manner, verification of the identifier's three-dimensional 
image may be performed either by the scanner or... 

...0022] FIG. 3 represents a unique a non reproducible identifier in 
which bubbles having shapes and holding random positions are self... 

Exemplary or Independent Claim(s): 

1 . Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9), characterized in that 

a unique and non-reproducible identifier (3) is physically 
integrated in the medium (2) comprising the number... 

...of the identifier comprising an image (6) and/or a digital signature (7) 
of the unique and non-reproducible identifier (3), 
the link authentication is performed by means of a comparison 
between a representation of the identifier (6 or... 

...identifier (3) located on the medium (2), and 

if there is agreement, the transaction is authorized . 

Non-exemplary or Dependent Claim(s): 

2. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 


EIC3600 SEARCH RESULTS 


88 


5/6/2009 


...3. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 


...4. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 


...5. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9) according to claim 1, characterized in 
that the unique and non-reproducible identifier (3) constituting 
the unforgeable link between the number (4) recorded on... 

...6. Method for making transactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9) according to claim 1, characterized in 
that the authentication of the unforgeable link authorizing the 
transaction is performed in a visual manner by an operator (13... 

...terminal monitor (11) or printed on the receipt of the printer (10), 
with the real, unique , and non-reproducible identifier (3) 
integrated in the medium (2) comprising the number... 

...8. Method for making Uansactions secure based on a card -type medium 
(2) comprising a number (4) and a remote database (5) connected to a 
telecommunications network (9) according to claim 1, characterized in 
that the authentication of the unforgeable link authorizing the 
transaction is performed automatically. When the operators (13) place 
a call (9) to the... 

...is performed and compared to that (7) stored in said database. If there 
is agreement, authentication of the link exists and the transaction 
is authorized . 
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Abstract: 

...a quantitative measure of the similarity between the blank and user 
forms is used to determine whether or not the user has made a mark on 
the form within that response... 

Summary of the Invention: 

...marks is then later "read" or scored via some sort of 
computer-assisted process which determines which responses the user has 
designated and tabulates those responses for later reporting. Of course 


...for the scan to be in color or gray scale, as the object is to 
determine whether or not a mark is present and a two-level scan is 
adequate for... 

...Even if the active regions on the form have been accurately determined 
, the process of "reading" the mark is not as simple as it might seem. 
Bubbles... 

...a first aspect of the instant invention, there is provided a method of 
reading or determining the mark sense of a user-marked form, which 
begins by storing in computer memory... 

...Using the brightness of the corresponding portions of the two images, a 
transformation is mathematically determined that is designed to 
smoothly correct for observed differences in overall image intensity. The 
intensity... 

...degree of similarity between the unmarked bubble (from the reference 
image) and the potentially marked bubble . Based on this objectively 
calculated value, a determination is made as to whether or not the form 
as been marked. Additionally, depending on... 

Description of the Drawings: 
...FIG. 6 illustrates the preferred method of quantitatively comparing 
two images in order to determine their degree of similarity... 

Description of the Invention: 

...Now, to determine the affine transform that best aligns the marked 
image with the control, a least median... 

...extends from the midpoint of centroids 1330 and 1340. In this example, 
it has been determined that the centroid 1330 needs to be moved so that 
it is centered about the... 

...this feature with its counterpart on the other form. The remaining 
centroids 1350 have been determined to be correctly aligned... 

... Determining the Offset Distances... 

...As a first step and is as illustrated in FIGS. 8B and 6, a relatively 
unique region of the scanned blank form 20 (a "reference" bitmap 620) is 
pre-selected for.. .been processed (step 1 135) the method preferably 
continues by comparing the calculated similarity values to determine 
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which comparison image was most similar to the reference image. Given 
that value and the... 

...none of the calculated similarities may be very meaningful. However, 
since the goal is to determine where marks have been placed on the 
form, even a very rough alignment will be... 

...blank form 10 is selected (step 925), the coordinates of each bubble 
having been previously determined on the blank form (the "unmarked 
bubble" bitmap, hereinafter). Of course, as is illustrated in... 

...values in the output image 550. So, an additional step will generally be 
necessary to determine whether or not a mark is present... 

...as a final step, the calculated output image from the previous step is 
used to determine whether or not the particular under scrutiny bubble 
on the target image has been filled... 

...FIG. 10, the foregoing can readily be used for purposes of OMR or in the 
determination of mark sense. In more particular, it is anticipated that 
the previous method would be... 

...applied to every bubble of interest on a test form (steps 1 025 through 
1050) to determine how the respondent has marked the form that is being 
analyzed. At the conclusion, i... 

...Any one of these measures standing alone would theoretically be enough 
to determine whether or not a user has marked within a particular 
bubble. However in the preferred embodiment, multiple measurements of 
this sort will be used to make that determination . Further, in some 
cases it might prove to be advantageous to combine the previous measures 


...Although the preferred embodiment has been described in the sense of 
determining whether or not particular "bubbles" have been filled in on a 
form, the range of... 

...research, medical records (many hundreds of possible specific 
applications), census data, immigration (entrance and exit cards ), 
conference registrations/surveys, assessments (outside of K-12 education, 
including law school admissions, AICPA (CPA... 

...described and illustrated herein by reference to certain preferred 
embodiments in relation to the drawings attached hereto, various 
changes and further modifications, apart from those shown or suggested 
herein, maybe... 

...departing from the spirit of the inventive concept, the scope of which 
is to be determined by the following claims. 

Exemplary or Independent Claim(s): 

...f) determining from said reference pixels and said target pixels an 
offset between said reference region and... 

...k) determining from said digital target document, said digital 
reference document, and from any adjustment rules so... 
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Non-exemplary or Dependent Claim(s): 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

..f4) determining from any numerical distances so calculated an offset 
between said reference pixels and said target... 

..i) calculating a minimum value of any numerical distances so determined 
, said minimum value being associated with a particular trial offset 


...i) determining from any numerical distances so calculated an offset 
between said reference pixels and said target... 

...k) calculating an image adjustment rule from any offsets so determined 
; and... 

...1) determining from said digital target document, said digital 
reference document, and from any adjustment rules so... 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

...g) determining from said plurality of difference pixels a similarity 
value... 

...i) determining from said plurality of similarity values whether said 
selected target bubble is a user-marked... 

...27. A method according to claim 24, wherein step (i) includes the step 
of determining from said plurality of similarity values whether 
said selected target is a user-marked target... 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

...i2) determining from said average value whether said selected target 
bubble is a user-marked target bubble... 

...i2) determining from said maximum value whether said selected target 
bubble is a user-marked target bubble... 

...e) determining an intensity level of said digital target region... 

...f) determining an intensity level of said digital reference region... 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

...f) determining from said reference pixels and said target pixels an 
offset between said reference region and... 

...document from any adjustment rules so calculated, thereby producing an 
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aligned document for use in determining at least where on said 
user-marked document a user has marked. 


36/3,K/15 (Item 7 from file: 654) 

DIALOG(R)File 654:US PAT.FULL. 

(c) Format only 2009 Dialog. All rts. reserv. 

0005647441 **IMAGE Available 
Derwent Accession: 1999-572331 

Bubble-protected system for automatic decryption of file data on a per-use 
basis and automatic re-encryption 

Inventor: Grawrock, David, INV 

Jones, Kevin, INV 
Assignee: Symantec Corporation(02) 

Correspondence Address: Martin C. Fliesler FLIESLER DUBB MEYER & LOVEJOY 
LLP, Fourth Floor Four Embarcadero Center, San Francisco, CA, 
94111-4156, US 

Publication Application Filing 

Number Kind Date Number Date 


Main Patent US 20040093506 Al 20040513 US 2003638940 20030811 
Continuation ABANDONED US 9847316 19980324 


Fulltext Word Count: 36240 

Summary of the Invention: 

...remotely via a communications network (e.g., LAN or WAN) so that a 
remotely located, authorized persons can quickly access the data when 
needed... 

...OTF) decryption and re-encryption system which conveniently decrypts and 
re-encrypts file data for authorized users on an as-needed basis... 

...is possible, however, that security may be inadvertently breached by the 
unwitting actions of an authorized user. The authorized user may have 
properly logged into the system and provided all the appropriate 
passwords which... 

...example, suppose that after properly logging into the system and 
providing all appropriate passwords, the authorized user decides to 
connect via the Internet with a Web site or a like source... 

Description of the Invention: 

...other basic re-bootings of the system. The ROM data may specify an 
OS-readable, unique serial number for the computer. The computer system 
100 may also include a real-time... 

...various kinds of encrypted and plaintext data. Part of that data 
represents a list of authorized users (INCLUDED USER's LIST) as will be 
detailed below. Another part of that data... 

...0064] As further seen in FIG. 1, disk subsystem 150 stores: (a) a 
bubble - based algorithm 154 for providing access approval or denial to 
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access requests presented via various kinds... 


...yet further stores: (j) one or more bubble-lists 168 that are used by 
the bubble -based algorithm 154 for providing access approval or 
denial to access requests presented via various kinds... 

...an encrypted form (ciphertext form) except for times when it is being 
legitimately used by authorized users. At such times, the decrypted 
data 175 should be kept only in volatile memory...is employed, the 
executing program or ( )S component of intercept step 2(1 1 is tested for 
bubble - based approval or denial by the program approving/denying 
algorithm 154. One such algorithm is shown... 

...is made of the Excluded Directories List(s) of memory region 155 (FIG. 
1) to determine whether the requested file is 'contained' in a 
directory that is identified as an excluded... 

...0111] At test step 220, it is determined if a decrypted version (real 
or phantom) 161d of the file data has already been... 

...apparently-available? test 220 is Yes, control passes to test step 222 
where it is determined if the current file-OPEN request issued at the 
behest of an OTF recryption module... 

...security label further includes a list that defines a valid user 
identification number for each authorized user. The OS or another 
interacting software module is expected to furnish a matching user... 

...security label is formed by encrypting the plaintext of the needed 

decryption key using the authorized user's public key pursuant to a 

so-called public-key/private-key encryption system... 
...such a public-key/private-key encryption system.) Accordingly, the 

private key of the same authorized user must be obtained in order to 

decrypt the encrypted key string corresponding to that... 

...the current file requester (obtained from the OS) can be compared 
against the list of authorized users within the file's security label 
to see if there is a match. Also... 

...or additionally, other security tests can be performed in step 226 as 
deemed appropriate to determine whether the requesting user and/or the 
requesting application program have valid access rights... 

...0133] If the result at the access-rights verification step 226 is 
negative (No), then control is passed to point B3 where the intercept... 

...0134] If the result at the access-rights verification step 226 is 
instead positive (Yes), then control passes to a decrypting process such 
as... 

...and a decrypted version 161d of the requested file data is made 
available to the authorized requestor. If volume-encryption is being 
used as an additional protection, the OTF software is... 

...subsystem directory 151 and overwriting the original file name (e.g., 
'AA.XLS') with a unique new file name (e.g., 7AN[sub]-l[sub]-98.001... 
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...0140] In one embodiment, the unique new file name is selected as 
follows. The current time and/or current date is used to generate a 
unique alpha-numeric string (e.g., "JANfsubl-lfsubJ-QS.OOr) conforming 
to the file... 

...test and revise procedure is repeated until there is no collision. Then 
the non-colliding unique alpha-numeric string (e.g., 
' JAN[sub]-l[sub]-98.002') is used as the... 

...of security methods including the above-mentioned method of encrypting 
the decryption key with the authorized user's public encryption key... 

...or to a hash of such data. A corresponding public key is afterwards used 
to authenticate the signature by comparing the decrypted signature (the 
version decrypted with the public key) against the stored data or a hash 
thereof. In one embodiment, the last authorized user to edit the file 
is defined as the master of the file 161 and his/her private/public key 
pair is used respectively to sign and authenticate the plaintext. In an 
alternate embodiment, the private/public key pair of the system 
administrator is used respectively to sign and authenticate the 
plaintext. The private/public key pah of another entity may yet 
alternatively be used to respectively to sign and authenticate the 
plaintext... 

...causing programs. The MS-Windows95(TM) protocol wherein asterisks (*) 
are used for multi-character wild cards {including no characters} and 
question marks (?) are used as single-character wild cards may be used. 
The example at 320b f*GEN*.XLS') accordingly identifies the class of 
file... 

...and the master program under whose supervision the slave was loaded. 
Section 3 11c (MASTER/SLAVE) determines which of these 
proximity-of-causation designations is to be queried for from the OS... 

...matches per the MASTER/SLAVE qualification of section 311c, then section 
3 1 Id is consulted to determine if the response to the name and 
type-of-causation matches should be an approval. ..a file-copying 
primitive-function such as COPY.DLL'. In other words, it has been 
determined that , C:\*COPY*.DLL' has no business trying to access a file 
whose name satisfies... 

...DENY and the alert level is that of the current default. This means that 
no authorizing match has been found in the causation-query branch of 
target-query record 320 and... 

...step 450 continues along path 451 to test step 455. In step 455 it is 
determined whether the file -name extension (e.g., the last character 
string following the last period... 

...in step 421, the process continues on to step 422. In step 422, it is 
determined by reading the APPROVE/DENY section (e.g., 3 lid) of the 
matched box, what the... 

...Temporal and/or geographic approval/denial follows a similar scheme. OTF 
recryption with plaintext signature authentication is an optional 
additional level of protection... 
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...If slow path 5 1 1 is followed, a test is carried out in step 502 to 
determine if the read primitive is directed to an area of the volume 
(e.g., of... 

...If slow path 561 is followed, a test is carried out in step 552 to 
determine if the write primitive is directed to an area of the volume 
that is excluded... 

...intercept of such an file-OPEN request, THREAD-1 proceeds to step 712 
where it determines whether decryption is necessary for the 
to-be-opened file. If decryption is deemed necessary... 

Exemplary or Independent Claim(s): 

...interceptable file-OPEN requests; (b) selective OPEN continuance 
means, responsive to the intercept means, for determining whether 
an intercepted file-OPEN request is requesting an open of a file for 
which... 

...identity of a requesting program, (b.l) said selective OPEN continuance 
means being further for determining , if the access request is not 
denied on the basis of said identity of the... 

...to the operating system; (c) plaintext tracking means, responsive to the 
selective continuance means, for determining whether a plaintext 
version of the sometimes enciypted data of the requested file already 
exists... 

...and (d) a decrypting mechanism, responsive to the plaintext tracking 
means such that on a determination that a plaintext version of the 
sometimes encrypted data of the requested file does not... 

...kept encrypted most of the time; said method comprising at least the 
step of: (a) determining whether an intercepted file-OPEN request 
is requesting an open of a file for which... 

...requesting program; said method further comprising one or more of the 
following steps if said determining step does not generate an 
access denial decision: (b) using file-exclusion lists to block... 

...caused by one or more causation-sourcing events for access to targeted 
data having a unique identity; (b) first testing the identity of 
the targeted data for satisfaction of a predefined... 

...one predefined target classifying condition covers plural ones of said 
targeted data that have corresponding, unique identities; (c) 
second testing at least one of the identity of the one or more... 

...or more causation-sourcing events for access to data of a targeted file 
having a unique identity; (b) first testing the identity of the 
targeted file for satisfaction of a predefined... 

...bubble -controller includes an identity classifier for classifying each 
intercepted access-opening request to thereby determine whether the 
identified file for which the opening of an access linkage is being 
requested belongs to a bubble-protected class and if so, to 
determine whether one or more requesting programs that caused the 
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intercepted access-opening request to be... 


...the bubble-controller includes a timeliness tester for testing each 
intercepted access-opening request to determine whether the 
identified file for which the opening of an access linkage is being 
requested belongs to a bubble-protected class and if so, to 
determine whether a time, at which the intercepted access-opening 
request is received, is pre-associated... 

...the bubble-controller includes a geography tester for testing each 
intercepted access-opening request to determine whether the 
identified file for which the opening of an access linkage is being 
requested belongs to a bubble-protected class and if so, to 
determine whether a geographic location or machine from which the 
intercepted access-opening request is received... 

...the plural files can be uniquely identified; (b) testing each 

intercepted access-opening request to determine whether the 
identified file for which the opening of an access linkage is being 
requested belongs to a bubble-protected class and if so, to 
determine whether one or more requesting programs that caused the 
intercepted access-opening request to be... 

...the plural files can be uniquely identified; (b) testing each 

intercepted access-opening request to determine whether the 
identified file for which the opening of an access linkage is being 
requested belongs to a bubble-protected class and if so, to 
determine whether one or more requesting programs that caused the 
intercepted access-opening request to be... 

...one of plural digital data files, where each of said files is 

identifiable by a unique file pathname; (b) system memory into 
which immediately executable code can be stored; (c) an... 

...open requests; (c) for each intercepted file-open request, querying the 
decision-controlling object to determine if the to-be-opened file 
is a member of one of said defined classes... 

...linked to respective ones of said definitions of the blockable classes 
of programs; (e) automatically determining , before file-reading or 
file -writing capability is provided to a given, executing program 
that... 

...to the defined one protectable class of data files; and (f) in response 
to said determining , selectively denying the given request of the 
given, executing program to open the given data... 

...bubble-control access code that is logically associated with the 
predefined class of records to determine whether the access 
request, as made by a member of the predefined requestors class, 
should... 

Non-exemplary or Dependent Claim(s): 

...conveying apparatus of claim 33 wherein (b.l) said predefined target 
classifying condition includes wild card designations for 
classifying the identity of the plural ones of said targeted data... 
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...conveying apparatus of claim 33 wherein (c.l) said predefined causation 
classifying condition includes wild card designations for 
classifying the identity of a tested causation event... 
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Summary of the Invention: 

...on Month Day, 1998 [future issuance number and date to-be 
determined]. 
[••• 

...remotely via a communications network (e.g., LAN or WAN) so that a 
remotely located, authorized persons can quickly access the data when 
needed... 

...OTF) decryption and re-encryption system which conveniently decrypts and 
re-encrypts file data for authorized users on an as needed basis... 

...is possible, however, that security may be inadvertently breached by the 
unwitting actions of an authorized user. The authorized user may have 
properly logged into the system and provided all the appropriate 
passwords which... 

...example, suppose that after properly logging into the system and 
providing all appropriate passwords, the authorized user decides to 
connect via the Internet with a Web site or a like source 

Description of the Invention: 
...other basic re-bootings of the system. The ROM data may specify an 

OS-readable, unique serial number for the computer. The computer system 

100 may also include a real-time... 
...various kinds of encrypted and plaintext data. Part of that data 

represents a list of authorized users (INCLUDED USER'S LIST) as will be 

detailed below. Another part of that data... 

...0064] As further seen in FIG. 1, disk subsystem 150 stores: (a) a 
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bubble - based algorithm 154 for prov iding access approv al or denial to 
access requests presented via various kinds... 

...yet further stores: (j) one or more bubble-lists 1 62 that are used by 
the bubble - based algorithm 1 54 for providing access approval or 
denial to access requests presented via various kinds... 

...an encrypted form (ciphertext form) except for times when it is being 
legitimately used by authorized users. At such times, the decrypted 
data 175 should be kept only in volatile memory... 

...is employed, the executing program or OS component of intercept step 201 
is tested for bubble - based approval or denial by the program 
approving/denying algorithm 1 54. One such algorithm is shown. ..is made of 
the Excluded Directories Lisl(s) of memory region 1 55 (FKj. I ) to 
determine whether the requested file is contained' in a directory that 
is identified as an excluded... 

...0111] At test step 220, it is determined if a decrypted version (real 
or phantom) 1 6 1 d of the file data has already been... 

...apparently-available? test 220 is Yes, control passes to test step 222 
where it is determined if the current lile-OPEN request issued at the 
behest of an OTF recryption module... 

...security label further includes a list that defines a valid user 
identification number for each authorized user. The OS or another 
interacting software module is expected to furnish a matching user... 

...security label is formed by encrypting the plaintext of the needed 
decryption key using the authorized user's public key pursuant to a 
so-called public-key/private-key encryption system... 

...such a public-key/private-key encryption system.) Accordingly, the 
private key of the same authorized user must be obtained in order to 
decrypt the encrypted key string corresponding to that... 

...the current file requester (obtained from the OS) can be compared 
against the list of authorized users within the file's security label 
to see if there is a match. Also... 

...or additionally, other security tests can be performed in step 226 as 
deemed appropriate to determine whether the requesting user and/or the 
requesting application program have valid access rights... 

...013 1 ] If the result at the access-rights verification step 226 is 
negative (No), then control is passed to point B3 where the intercept... 

...0132] If the result at the access-rights verification step 226 is 
instead positive (Yes), then control passes to a decrypting process such 
as... 

...and a decrypted version 1 61d of the requested file data is made 
available to the authorized requester. If volume-encryption is being 
used as an additional protection, the OTF software is... 

...subsystem directory 15 1 and overwriting the original file name (e.g., 
' AA.XLS') with a unique new file name (e.g., 'JAN... 
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...0137] In one embodiment, the unique new file name is selected as 
follows. The current time and/or current date is used to generate a 
unique alpha-numeric string (e.g., 'JAN... 

...test and revise procedure is repeated until there is no collision. Then 
the non-colliding unique alpha-numeric siring (e.g., 'JAN... 

...of security methods including the above-mentioned method of encrypting 
the decryption key with the authorized user's public encryption key... 

...or to a hash of such data. A corresponding public key is afterwards used 
to authenticate the signature by comparing the dccnplcd signature (the 
version decrypted with the public key) against the stored data or a hash 
thereof. In one embodiment, the last authorized user to edit the file 
is defined as the master of the file 161 and his/her private/public key 
pair is used respective!) to sign and authenticate the plaintext. In an 
alternate embodiment, the private/public key pair of the system 
administrator is used respectively to sign and authenticate the 
plaintext. The private/public key pair of another entity may yet 
alternatively be used to respectively to sign and authenticate the 
plaintext... 

...causing programs. The MS-Windows95(TM) protocol wherein asterisks (*) 
are used for multi-character wild cards {including no characters} and 
question marks (?) are used as single-character wild cards may be used. 
The example at 320b C*GEN*.XLS') accordingly identifies the class of 
file... 

...and the master program under whose superv ision the slave was loaded. 
Section 311c (MASTER/SLAVE) determines which of these proximity-of 
causation designations is to be queried for from the OS... 

...matches per the MASTER/SLAVE qualification of section 311c, then section 
31 Id is consulted to determine if the response to the name and 
type-of-causation matches should be an approvaL.a file-copying 
primitive-function such as COPY.DLL'. In other words, it has been 
determined that C:\*COPY*.DLL' has no business trying to access a file 
whose name satisfies... 

...DENY and the alert level is that of the current default. This means that 
no authorizing match has been found in the causation-query branch of 

...step 450 continues along path 45 1 to test step 455. In step 455 it is 
determined whether the file-name extension (e.g., the last character 
string following the last period... 

...in step 42 1 , the process continues on to step 422. In step 422, it is 
determined by reading the APPROVE/DENY section (e.g., 31 Id) of the 
matched box, what the... 

...Temporal and/or geographic approval/denial follows a similar scheme. OTF 
recryption with plaintext signature authentication is an optional 
additional level of protection... 

...If slow path 5 1 1 is followed, a test is carried out in step 502 to 
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determine if the read primitive is directed to an area of" the volume 
(e.g., of... 

...If slow path 561 is followed, a test is carried out in step 552 to 
determine if the write primitive is directed to an area of the volume 
that is excluded... 

...intercept of such an (ile-OPEN request, THREAD- 1 proceeds to step 712 
where it determines whether decryption is necessary for the 
to-be-opened file. If decryption is deemed necessary... 

Exemplary or Independent Claim(s): 

...interceptable file-OPIZN requests; (b) selective OPEN continuance 
means, responsive to the intercept means, for determining whether 
an intercepted file-OPEN request is requesting an open of a flic for 
which... 

...identity of a requesting program, (b.l) said selective OPEN continuance 
means being further for determining , if the access request is not 
denied on the basis of said identity of the... 

...to the operating system; (c) plaintext tracking means, responsive to the 
selective continuance means, for determining whether a plaintext 
version of the sometimes encrypted data of the requested file already 
exists... 

...and (d) a decrypting mechanism, responsive to the plaintext tracking 
means such that on a determination that a plaintext version of the 
sometimes encrypted data of the requested file does not... 

...kept encrypted most of the time; said method comprising at least the 
step of: (a) determining whether an intercepted file-OPEN request 
is requesting an open of a file for which... 

...requesting program; said method further comprising one or more of the 
following steps if said determining step dews not generate an 
access denial decision: (b) using file-exclusion lists to block... 

...request caused by one or more causation-events for access to targeted 
data having a unique identity; (b) first testing the identity of 
the targeted data lor satisfaction of a predefined... 

Non-exemplary or Dependent Claim(s): 

...conveying apparatus of claim 33 wherein (b.l) said predefined 
target-query condition includes wild card designations for 
specifying the identity of a satisfying target... 

...conveying apparatus of claim 33 wherein (c.l) said predefined 
causation-query condition includes wild card designations for 
specifying the identity of a satisfying causation event... 
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Abstract: 

...a quantitative measure of the similarity between the blank and user 
forms is used to determine whether or not the user has made a mark on 
the form within that response... 

Summary of the Invention: 

...marks is then later "read" or scored via some sort of 
computer-assisted process which determines which responses the user has 
designated and tabulates those responses for later reporting. Of course 


...for the scan to be in color or gray scale, as the object is to 
determine whether or not a mark is present and a two-level scan is 
adequate for... 

...0008] Even if the active regions on the form have been accurately 
determined , the process of "reading" the mark is not as simple as it 
might seem. Bubbles... 

...a first aspect of the instant invention, there is provided a method of 
reading or determining the mark sense of a user-marked form, which 
begins by storing in computer memory... 

...Using the brightness of the corresponding portions of the two images, a 
transformation is mathematically determined that is designed to 
smoothly correct for observed differences in overall image intensity. The 
intensity... 

...degree of similarity between the unmarked bubble (from the reference 
image) and the potentially marked bubble . Based on this objectively 
calculated value, a determination is made as to whether or not the form 
as been marked. Additionally, depending on... 

Description of the Drawings: 
...0028]FIG. 6 illustrates the preferred method of quantitatively 
comparing two images in order to determine their degree of similarity 


Description of the Invention: 

...0042] Now, to determine the affine transform that best aligns the 
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marked image with the control, a least median... 

...extends from the midpoint of centroids 1330 and 1340. In this example, 
it has been determined that the centroid 1330 needs to be moved so that 
it is centered about the... 

...this feature with its counterpart on the other form. The remaining 
centroids 1350 have been determined to be correctly aligned... 

... Determining the Offset Distances... 

...As a first step and is as illustrated in FIGS. 8B and 6, a relatively 
unique region of the scanned blank form 20 (a "reference" bitmap 620) is 
pre-selected for... 

...been processed (step 1135) the method preferably continues by comparing 
the calculated similarity values to determine which comparison image 
was ...none of the calculated similarities may be very meaningful. 
However, since the goal is to determine where marks have been placed on 
the form, even a very rough alignment will be... 

...blank form 10 is selected (step 925), the coordinates of each bubble 
having been previously determined on the blank form (the "unmarked 
bubble" bitmap, hereinafter). Of course, as is illustrated in... 

...values in the output image 550. So, an additional step will generally be 
necessary to determine whether or not a mark is present... 

...as a final step, the calculated output image from the previous step is 
used to determine whether or not the particular under scrutiny bubble 
on the target image has been filled... 

...FIG. 10, the foregoing can readily be used for purposes of OMR or in the 
determination of mark sense. In more particular, it is anticipated that 
the previous method would be... 

...applied to every bubble of interest on a test form (steps 1025 through 
1050) to determine how the respondent has marked the form that is being 
analyzed. At the conclusion, i... 

...0085] Any one of these measures standing alone would theoretically be 
enough to determine whether or not a user has marked within a 
particular bubble. However in the preferred embodiment, multiple 
measurements of this sort will be used to make that determination . 
Further, in some cases it might prove to be advantageous to combine the 
previous measures... 

...0086] Although the preferred embodiment has been described in the sense 
of determining whether or not particular "bubbles" have been filled in 
on a form, the range of... 

...research, medical records (many hundreds of possible specific 
applications), census data, immigration (entrance and exit cards ), 
conference registrations/surveys, assessments (outside of K-12 education, 
including law school admissions, AICPA (CPA... 
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...described and illustrated herein by reference to certain preferred 
embodiments in relation to the drawings attached hereto, various 
changes and further modifications, apart from those shown or suggested 
herein, maybe... 

...departing from the spirit of the inventive concept, the scope of which 
is to be determined by the following claims... 

Exemplary or Independent Claim(s): 

...said digital reference document, and, (e2) having a plurality of 
target pixels contained therein; (f) determining from said 
reference pixels and said target pixels an offset between said 
reference region and... 

...c) through (i) at least twice using at least two different digital 
resolutions; and, (k) determining from said digital target 
document, said digital reference document, and from any adjustment 
rules so... 

...f) and (g) a plurality of times, using at least two different trial 

offsets; (i) determining from any numerical distances so calculated 
an offset between said reference pixels and said target... 

...through (i) at least once, (k) calculating an image adjustment rule from 
any offsets so determined ; and, (1) determining from said digital 
target document, said digital reference document, and from any 
adjustment rules so... 

...and each of said selected target pixels, thereby producing a plurality 
of difference pixels; (g) determining from said plurality of 
difference pixels a similarity value; (h) performing steps (d) 
through (g... 

...least two different selected reference pixels, thereby producing a 
plurality of similarity values; and, (i) determining from said 
plurality of similarity values whether said selected target bubble is 
a user-marked... 

...thereby obtaining a digital reference region, said digital reference- 
region containing reference pixels therein; (e) determining an 
intensity level of said digital target region; (f) determining an 
intensity level of said digital reference region; (g) calculating an 
intensity differential between said... 

...said digital reference document, and, (e2) having a plurality of target 
pixels contained therein; (f) determining from said reference 
pixels and said target pixels an offset between said reference region 
and... 

...document from any adjustment rules so calculated, thereby producing an 
aligned document for use in determining at least where on said 
user-marked document a user has marked. 

Non-exemplary or Dependent Claim(s): 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
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RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

...using said trial offset, (f) performing steps (fl) and (f2) a plurality 
of times, (f4) determining from any numerical distances so 
calculated an offset between said reference pixels and said target... 

...f4) includes the step of: (i) calculating a minimum value of any 
numerical distances so determined , said minimum value being 
associated with a particular trial offset, (ii) selecting said 
particular trial... 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

...27. A method according to claim 24, wherein step (i) includes the step 
of determining from said plurality of similarity values whether 
said selected target is a user-marked target... 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 

...steps of: (il) calculating an average value of said plurality of 

similarity values, and, (i2) determining from said average value 
whether said selected target bubble is a user-marked target bubble... 

...steps of: (il) calculating a maximum value of said plurality of 

similarity values, and, (i2) determining from said maximum value 
whether said selected target bubble is a user-marked target bubble... 

...the group consisting of computer RAM, computer ROM, a PROM chip, flash 
RAM, a ROM card , a RAM card , a floppy disk, a magnetic disk, a 
magnetic tape, a magneto-optical disk, an optical... 
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Summary of the Invention: 

...file server be capable of executing the same or a similar operating 
system as the attached client workstations. The reasons include the 
need to execute maintenance and monitoring programs on the... 

...consideration is the need to avoid the cost of supporting an operating 
system that is unique to the file server... 

Description of the Invention: 

...2, two mass storage processors 16[sub] 1-2, a bank of four system 
memory cards 1 8[sub] 1 -4, and a host processor 20 coupled to the 
backplane bus 22 preferred embodiments of the present invention, is a Sun 
central processor card , model Sun 3E120, manufactured and distributed 
by Sun Microsystems, Inc.. 

...Finally, the system memory cards 1 8 each provide 48 megabytes of 
32-bit memory for shared use within the computer... 

...UFS interacts with a low level software device driver that is directly 
responsible for an attached physical mass storage device. The UFS 
handles all operations necessary to resolve logical file oriented... 

...FKi. 5 provides a simplified block diagram of the preferred architecture 
of a memory card 18. Each memory card 18 operates as a slave on the 
enhanced VME bus and therefore requires no on... 

...ECC) generation and testing unit 158 is coupled to the multiplexer 154 
to generate or verify , again depending on transfer direction, eight 
bits of ECC data per memory array word. The status of each ECC 
verification operation is provided back to the timing control block 150 


...PID). Context execution switches by the peer-level processor are 
controlled by a process scheduler embedded in the facility's 
multi-tasking kernel. A process may be "active"~at a minimum... 

...The NC facility similarly provides a unique facility ID and the PID of 
its relevant process to another peer-level facility as... 

...system facility 164 except during the initial phase of bootup. Rather, 
both generally appear as unique but otherwise undifferentiated logical 
clients of the storage facility 166. ..message identified by a message 
descriptor is evaluated by the receiving messaging kernel layer to 
determine what is to be done with the message. A message descriptor as 
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used by a... 


...bytes. The initial 32-bit word of the message encodes the message type 
and a unique peer-level facility identifier. The text of the message 
then follows with any necessary fill... 

...The determination to send a message, and the nature of the message, is 
determined by the peer-level facilities. In particular, when a process 
executing on a peer-level... 

...of a desired function may be achieved by calling an appropriate routine, 
that, in turn, determines and calls its own service routines. This is 
illustrated in FIG. 9. A function call... 

...network communications facility, a process is allocated to allow the 
call to operate in a unique context. Thus, the call to or by a stub 
routine is identifiable by the process... 

...handled by the logical call format bubbles Al-X. A message buffer is 
allocated and attached to a message queue. Depending on the particular 
stub routine called, the contents of the... 

...Received messages are initially examined to determine their message 
type. This step is illustrated by the B message parser bubble . Based 
on message type, a corresponding data structure is selected by which the 
message can be... determines whether a given type of file access is 
legal for specified credentials ("cred") on the... 

...facility for configuring the NFS server stack and to respond in support 
of a secure authentication service request. The network communications 
facility will exchange messages with the file system facility for... 

...will in turn issue the necessary FS communication transactions to obtain 
file service. If secure authentication option is used, the NFS server 
will issue requests to the Authentication server daemon running on the 
host processor. The conventional authentication services include: 
mapping (ks[sub]~ getcred()) a given <network name> to Unix style 


...sub]— route" and "nc[sub]— del[sub]— route" IOCTL commands. Once a 
route has been determined for a particular packet, the packet is 
dispatched to the appropriate network interface. If a... 

...ip[sub]— pkt()" communication transaction. If a packet is destined to a 
conventional network interface attached to the host facility, it is 
forwarded to the host facility using the "nc[sub... 

...as opposed to the name of a service, of the facility that is 
registering, its unique facility ID (VME slot ID) and the shared memory 
address of its message descriptor FIFO., .is issued by a facility to the 
timed daemon to determine the system time and to request periodic time 
synchronization messages. The reply message returns the... 

...of VME memory where data transfer takes place. The S facility uses this 
byte to determine the VMEbus protocols to be used for data transfer. 
Memory [sub]- type is defined as... 


EIC3600 SEARCH RESULTS 


107 


5/6/2009 


...message. Therefore, when a reply is received, a message sender checks 
the status word to determine how a message is completed. When k[sub]~ 
null[sub]~ reply is used, the original... 

...Total[sub]~ sector is the disk capacity of the attached SCSI disks. 
Total capacity of a disk bank is this number multiplying the number[sub 


...This message is used to address directly any SCSI disk or peripheral 
attached to a SCSI port. Multiple messages can be sent at the same time. 
They are... 

...Scsi[sub]- id, scsi[sub]— port, and scsi[sub]~ lun[sub]~ address 
identify uniquely one attached SCSI peripheral device. Command[sub]~ 
length and data[sub]— length specify the lengths of command... 

...This message is used to verify if a previous message was received by 
the S facility. If not, the message is... 

...message is sent when there is no active messages. Otherwise, it is very 
difficult to determine how many used messages are in the S facility 
message buffer. For example if there... 

...S facility. The host boot program can then poll this sender[sub]- pid 
word to determine when the message is completed. Messages to the S 
facility are sent in this manner... 

Exemplary or Independent Claim(s): 

Non-exemplary or Dependent Claim(s): 

...facilities implements a multi-tasking interface coupleable between 
said communications bus and a respective and unique peer-level 
control function set to permit message transfer between each of said 
plurality of... 
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Fulltext Word Count: 6102 
Abstract: 

...provided for extracting the radiation exposure information from the 
detectors, as is a processor which determines a quantity of radiation 
exposure from the radiation information extracted from the detectors. The 
processor... 

Summary of the Invention: 

...active, or real time, dosimetry. Passive dosimeters have included, 
for example, TLD-based dosimeter elements, bubble - based dosimeter 
elements, polycarbonate -based dosimeter elements, photographic film-based 
dosimeter elements, indium-based dosimeter elements... 

...one radiation sensitive element selected from the group consisting of a 
TLD-based dosimeter element, bubble - based dosimeter element, 
polycarbonate-based dosimeter element, photographic film-based dosimeter 
element, indium-based dosimeter element... 

...TL element within the housing. The housing may include a case and a 
holder removably attached to the case, the case containing the 
electronic radiation sensitive element, and the holder containing... 

...the other detector. For example, data obtained from the passive detector 
may be used to determine radiation energies and mixed field 
composition, which information may then be used to correct the... 

...provided for extracting the radiation exposure information from the 
detectors, as is a processor which determines a quantity of radiation 
exposure from the radiation information extracted from the detectors. The 
processor... 

Description of the Drawings: 
...FIG. 5 is a plan view of a TLD card . 


Description of the Invention: 

...FIGS. 2-6, the passive detector 22 of the illustrated embodiment 
includes a conventional TLD card 38 and a novel form of holder 40 which 
is adapted for attachment to the... 

...The base 42 includes a rectangular shape pocket 62 sized to accommodate 
the TLD card 38 (FIG. 5). One corner of the pocket is beveled to form a 
key 64 for proper orienting of the card in the pocket; the card can 
only fit one way in the pocket. The pocket may be circumscribed by an... 

...includes a window and/or various filters for respective radiation 
sensitive elements of the TLD card 38. As shown in FIG. 5, the TLD 
card 38 consists of four LiF:Mg,Ti thermoluminescence (TL) elements 
77-80 of different thicknesses... 

...Teflon (PTFE) sheets on an aluminum substrate. Each TL element is 
covered by its own unique filter which provides different radiation 
absorption thicknesses to allow dose estimation for various organs in... 
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...The TL elements 77-80 are located in positions designated 1-4, 
respectively. The TLD card is identified by a label with an ID Number 
appearing in both numeric and barcode formats. One corner of the card 
is notched at 82 to insure proper insertion into the holder and correct 
orientation when being read in a card reader... 

...The illustrated TLD card and filtration corresponds to that of a 
conventional 8825 Dosimeter (the details of which are... 

...or other polycarbonate material. The CR39 strip 90 may be conveniently 
sandwiched between the TLD card and the case 26 of the active detector 
when the holder is slipped over the... 

...a common case. If the passive detector component of the dosimeter 
assembly employs a TLD card such as that above described, then 
preferably the case has a removable cover (preferably tamperproof) for 
permitting removal of the TLD card (and/or any other passive detector 
element) for reading the TLD card (and/or any other passive detector 
element... 

...off the case 26 of the active detector 24 to permit removal of the TLD 
card 38 and CR39 strip 90. After reading of the TLD card andtheCR39 
strip in their respective readers in known manner, the dosimeter may be 


...a processor (or processors) which interrelate the radiation exposure 
information read from the detectors and determines a quantity of 
radiation exposure from the radiation information acquired from the 
detectors, such as... 

...of the type and severity of the measured radiation on the human body, 
may be determined from the response of the detectors through 
application of appropriate correction algorithms. For example, a... 

...of the active detector. For example, radiation energies and field 
mixtures can be more accurately determined from the radiation exposure 
information acquired from the passive detector. With this information, an 
appropriate... 

...the information reported is accurate. The doses reported by the 
detectors may be compared to determine if a problem exists... 

...The Model 6600 reader is capable of automatically reading both whole 
body and environmental TLD cards . A Model 6600E reader gives the 
additional capability of reading extremity dosimeters. The software which 


...single, fully integrated workstation. Each workstation can process up to 
200 whole body or environmental cards (or 400 extremity dosimeters in 
the Model 6600E) without operator attention, while performing a number... 

...and automatic control of the instrument, providing powerful data 
handling capabilities, including reader and field card calibration and 
automatic application of element correction coefficients to field card 
readings; automatic TTP selection; data storage, selection and 
summarization; computerized glow curve de convolution; and data... 
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...are continuously updated and displayed on a results screen at all times: 
type of reading, card ID, active TTP number and name, date and time of 
last card read, current date and time, read cycle phase, air 
temperature for both channels, high voltage... 

...the reader is calibrated, such as rem. This simple conversion, however, 
often is inadequate for determining the effect of the measured 
radiation on the human body, especially considering the effects of... 

...filters, as described above, the relative TL response of the materials 
can be evaluated to determine the type as well as the severity of the 
radiation, and thus estimate its effect... 

...enabling supervisory access to entry and exit data, personnel records, 
and RWP (radiation work permit) authorization information... 

...b. Verification data including: dosimeter serial number, calibration 
date, dose expected, dose measured, percent error, passing criteria... 

...The Dositec Software controls access through RWP (radiation work permit) 
authorization lists and exposure limits, maintained personnel exposure 
data and maintained dosimeter calibration data, all controlled... 

Exemplary or Independent Claim(s): 

Non-exemplary or Dependent Claim(s): 

...one radiation sensitive element selected from the group consisting of 
a TLD-based dosimeter element, bubble - based dosimeter element, 
polycarbonate-based dosimeter element, photographic film-based 
dosimeter element, indium-based dosimeter element... 

...set forth in claim 4, wherein said housing includes a case and a holder 
removably attached to said case, said case containing said 
electronic radiation sensitive element, and said holder containing... 

...respective readers for extracting the radiation exposure information 
from said detectors; and a processor which determines a quantity of 
radiation exposure from the radiation information extracted from the 
detectors, said processor... 
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Continuation Abandoned US 89404885 19890908 

Fulltext Word Count: 24005 

Description of the Invention: 

...examined to determine their message type. This step is illustrated 
by the B message parser bubble . Based on message ... determines 
whether a given type of file access is legal for specified credentials 
("cred") on the... 

...facility for configuring the NFS server stack and to respond in support 
of a secure authentication service request. The network communications 
facility will exchange messages with the file system facility for... 

...will in turn issue the necessary FS communication transactions to obtain 
file service. If secure authentication option is used, the NFS server 
will issue requests to the Authentication server daemon running on the 
host processor. The conventional authentication services include: 
mapping (ks[sub]~ getcredQ) a given <network name> to Unix style 


...sub]-- route" and "nc[sub]~ del[sub]~ route" IOCTL commands. Once a 
route has been determined for a particular packet, the packet is 
dispatched to the appropriate network interface. If a... 

...ip[sub]— pkt( )" communication transaction. If a packet is destined to a 
conventional network interface attached to the host facility, it is 
forwarded to the host facility using the "nc[sub... 

...as opposed to the name of a service, of the facility that is 
registering, its unique facility ID (VME slot ID) and the shared memory 
address of its message descriptor FIFO... 

...is issued by a facility to the timed daemon to determine the system 
time and to request periodic time synchronization messages. The reply 
message returns the... 

...of VME memory where data transfer takes place. The S facility uses this 
byte to determine the VMEbus protocols to be used for data transfer. 
Memory[sub]~ type is defined as... 

...message. Therefore, when a reply is received, a message sender checks 
the status word to determine how a message is completed. When k[sub]~ 
null[sub]~ reply is used, the original... 

...Total[sub]~ sector is the disk capacity of the attached SCSI disks. 
Total capacity of a disk bank is this number multiplying the number[sub 


EIC3600 SEARCH RESULTS 


112 


5/6/2009 


...This message is used to address directly any SCSI disk or peripheral 
attached to a SCSI port. Multiple messages can be sent at the same time. 
They are... 

...Scsi[sub]~ id, scsi[sub]- port, and scsi[sub]- lun[sub]- address 
identify uniquely one attached SCSI peripheral device. Command[sub]- 
length and data[sub]- length specify the lengths of command... 

...This message is used to verify if a previous message was received by 
the S facility. If not, the message is... 

...message is sent when there is no active messages. Otherwise, it is very 
difficult to determine how many used messages are in the S facility 
message buffer. For example if there... 

...S facility. The host boot program can then poll this sender[sub]~ pid 
word to determine when the message is completed. Messages to the S 
facility are sent in this manner 

9 
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Description of the Invention: 

...the web page. Preferably, the client program 124 or the data server 
1 40 checks to verify the entered name is actually present on the web 
page. The bubble 310 includes a.. .FIG. 5, the client toolbar web page 608 
preferably includes Document Object Model (DOM) manipulation code 522 
in the form of Javascript. The DOM manipulation code 522 is executed to 
add the web page embedded product elements 220 (FIG. 2A) adjacent 
product representations on the displayed web page 602 by manipulating the 
web browser's DOM. The DOM manipulation code 522 can also be used to 
make other ...0080] The toolbar code 524 is also preferably configured 
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to create bubbles such as the bubble 310 of FIG... 


...is viewed by the user. The client bubble web page 532 may also contain 
client bubble code 534, ...identification is preferably included in 
the client toolbar web page 608 in the form of embedded code , which 
is preferably Javascript. The embedded code , which preferably 
includes the DOM manipulation code 522 and the toolbar code 524, will 
be described in greater detail in conjunction with subsequent steps. If 
the data.. .scenario, the client program displays the product-identifying 
display elements, such as the web page embedded product elements 220 of 
FIG. 2 A, adjacent representations of the associated products on the 
displayed... 

...the displayed web page. In this scenario, the client program preferably 
executes the DOM manipulation code 522 embedded in the client toolbar 
web page 608 to add the display elements to the web... 
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Description of the Invention: 

...the web page. Preferably, the client program 124 or the data server 
140 checks to verify the entered name is actually present on the web 
page. The ...FIG. 5, the client toolbar web page 608 preferably includes 
Document Object Model (DOM) manipulation code 522 in the form of 
Javascript. The DOM manipulation code 522 is executed to add the web 
page embedded product elements 220 (FIG. 2A) adjacent product 
representations on the displayed web page 602 by manipulating the web 
browser's DOM. The DOM manipulation code 522 can also be used to make 
other modifications to the web page 602. Document... 
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...0082] The toolbar code 524 is also preferably configured to create 
bubbles such as the bubble ...is viewed by the user. The client bubble 
web page 532 may also contain client bubble code 534, preferably in 
the form of Javascript, that implements any desired active functionality 
of the... identification is preferably included in the client toolbar web 
page 608 in the form of embedded code , which is preferably 
Javascript. The embedded code , which preferably includes the DOM 
manipulation code 522 and the toolbar code 524, will be described in 
greater detail in conjunction with subsequent steps. If the data... 
scenario, the client program displays the product-identifying display 
elements, such as the web page embedded product elements 220 of FIG. 
2A, adjacent representations of the associated products on the displayed 


...the displayed web page. In this scenario, the client program preferably 
executes Ihc DOM manipulation code 522 embedded in the client toolbar 
web page 608 to add the display elements to the web... 
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Summary of the Invention: 

...that Keyl is blocked from being released if a requesting user 901 
fails to properly authenticate his or her right to having 
"intelligible" access to the encryption- ...864,297 and U.S. Pat. No. 
5,953,419 may be used for such authenticating of a user's rights to (a) 
use a particular workstation such as 910 at... minimize the danger of 
tampering, the external permission rules should be digitally signed and 
locally verified before being accepted locally during the TTL action... 
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864,297 and U.S. Pat. No. 5,953,419 may be used for the authenticating 
of a user's rights to (a) use a particular workstation such as 10 or... 
can be any effective one such as RSA public -key signature, or DSA 
(Digital Signature Authentication ), or MAC (Message Authenticating 
Code ) or one based on elliptic curves. The point is that 
spoofers/intruders will not be... 

...25') in the local client 10/20 into performing operations other than 
those intended by authorized users or administrators of the system 95 
...61b, 62 and 63. As already explained, the digital signature 99 may be 
used to verify that the native version (76) of the Folder-Use record 
had not been tampered with...g., field 99 of FIG. ID). In step 206, the 
On-Open intercept routine 200 authenticates the downloaded information 
by performing a signature check. If the digital signature does not 
conform.. .0226] If the downloaded information (52a) is authenticated by 
the digital signature check, then the authenticated plaintext of the 
downloaded information can now be stored into the local 
use -tracking/managing. ..available? in step 233 is YES, control passes to 
test step 236 where it is determined if the current file-OPEN request 
was issued at the behest of an OTF recryption... 

...exited via step 299 (Al) as indicated. This blocks undesirable recursion 
when the OTF-recryption code itself tries to open a file...0265] If the 
result at the user access-rights verification step 238 is negative 
(No), then control is passed to point A2 and thereafter to... 

...routine forces a 'failed file-open' to occur. If the result at the 
access-rights verification step 238 is instead positive (Yes), then 
control passes to a decrypting process such as...or to a hash of such 
data. A corresponding public key is afterwards used to authenticate the 
signature by comparing the decrypted signature (the version decrypted 
with the public key) respectively... 

...file 161 and his/her private/public key pair is used respectively to 
sign and authenticate the plaintext. In an alternate embodiment, the 
private/public key pair of the system administrator is used respectively 
to sign and authenticate the plaintext. The private/public key pair of 
another entity may yet alternatively be used to respectively to sign and 
authenticate the plaintext... file identified in 3 10 is currently being 
processed by an OTF module. A first state- code may be established in 
portion 32 1 for indicating that renaming of the original file and... 

...name to a to-be-decrypted local file is still in progress. A second 
state- code may indicate that decryption (step 250) is still in 
progress. A third state- code may indicate that a scorching (total 
erasure) of the plaintext within the decrypted, local file is now in 
progress. A fifth state- code may indicate that file specifying 
attributes within the system directory 151 are now being updated... 

...reflect a new location or status for the file named in 310. A sixth 
state- code may indicate that OTF modules are not presently processing 
the file identified by section 310 and that this file is therefore 
available for usage by any authorized application program that may wish 
to read from, or write to the file. An example of such application 
program usage is execution of code section 172 of FIG. 1E...310. Second 
portion 322 can include a flag indicating that user access rights have 
been verified by checking the file security label and/or by checking a 
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recryption rules file corresponding... 

Exemplary or Independent Claim(s): 

...internal, removable, or external media; 

(b) first testing for each intercepted data access attempt, to 

verify that the identified media on which the requested file resides 

is currently available, and if... 

Non-exemplary or Dependent Claim(s): 

...securely import the missing, access constraining control information 
includes at least one of: 

(d.l) verifying a digital signature covering corresponding access 
constraining control information that is held in said removable... 

..access constraining control information of the identified file; and 
(d.3) storing a digital-signature authenticated and/or decrypted, 
plaintext version of the missing, aeeess constraining control 
information in said internal. ..claim 5 and wherein said 
internal/external access-constraining method further comprises: 
(k) attempting to verify a digital signature covering the decrypted 
primary data ...the provision of said grant in response to the 
intercepted access-request if the signature verification of step 
(k) is unsuccessful. .internal, removable, or external media; 
(b) first testing for each intercepted file-closing attempt, to 
verify that the identified media on which the to-be-closed file 
resides is currently available... 
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WORD COUNT: 2310 

...TEXT: have any rights to your aboriginal land and its resources, 
although it is a legally determined right in part through the Royal 
Proclamation of 1763, the BNA Act, the Constitution, and... 

...body under the command of the United States, a role the U.S. has 
unilaterally determined for itself. [5] 

Currently the majority of Canadians are against the effort in 
Afghanistan, not... 

...American economy is undergoing a shakedown of its debt structures now, 
as the housing market bubble , based on ever increasing debt and 
financial trading structures that no one seems to really comprehend, is 
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deflating rather rapidly. American debt is huge, whether it is credit 
cards , mortgages, national or international, with, ironically, the Chinese 
and Japanese being able to control the... 

...the norms for indigenous rights it becomes a fair argument that Canada 
has not yet determined and indeed is undermining its own sovereignty. If 
the rest of the world no longer... 


32/3,K/2 (Item 1 from file: 20) 

DIALOG(R)File 20:Dialog Global Reporter 
(c) 2009 Dialog. All rts. reserv. 

61838838 (USE FORMAT 7 OR 9 FOR FULLTEXT) 

(Kyodo) - Japan and the other Group of Seven economic powers should show 
unity as the global economy is expected to "slow down considerably" with 
the widening U.S. subprime loan mess, said Eisuke Sakakibara, a former 
senior Finance Ministry official known 

KYODO NEWS SERVICE 
February 02, 2008 

JOURNAL CODE: WKYO LANGUAGE: English RECORD TYPE: FULLTEXT 
WORD COUNT: 583 

(USE FORMAT 7 OR 9 FOR FULLTEXT) 

The G-7 financial leaders "should analyze the current conditions, 
reach a common position and confirm that they are ready to take joint 
action when necessary" at their Feb. 9 meeting... 
... or later. 

"The subprime woes have not hit bottom and could widen further to 
involve credit card and auto loan companies. It will take two or three 
years for the entire problem... 

...the U.S. dollar and the euro, he said. 

"We have had a 'weak-yen bubble ' based on interest rate 
differentials, but adjustments will occur with cuts in overseas interest 
rates," Sakakibara... 
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DOCUMENT TYPE: NEWSWIRE 
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TEXT: 

...The G-7 financial leaders "should analyze the current conditions, reach 
a common position and confirm that they are ready to take joint action 
when necessary" at their Feb. 9 meeting... 
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...or later. 


"The subprime woes have not hit bottom and could widen further to involve 
credit card and auto loan companies. It will take two or three years for 
the entire problem... 

...the U.S. dollar and the euro, he said. 

"We have had a 'weak-yen bubble ' based on interest rate differentials, 
but adjustments will occur with cuts in overseas interest rates," 
Sakakibara... 
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Mass-storage options rise to the challenges of size, ruggedness. (includes 
related article on bubble memory) 

Williams, Tom 

Computer Design, v27, nl3, p83(7) 
July, 1988 

ISSN: 0010-4566 LANGUAGE: ENGLISH RECORD TYPE: FULLTEXT; ABSTRACT 
WORD COUNT: 2446 LINE COUNT: 00193 

...ABSTRACT: 2Mbytes. Lithium battery-backed removable CMOS memory 
cartridges are offering similar capacities and lower cost. Credit card 
-sized memory cards are also offering battery-backed memory for such 
functions as removable RAM... 

... let system integrators easily incorporate bubble storage into their 
design. In addition, Magnesys produces custom bubble - based storage 
subsystems. According to Bill Morrison, vice-president of sales and 
marketing at Magnesys, bubble ...modules. Such memory modules come in two 
basic configurations: preintegrated units with standard interfaces and 
credit - card -sized devices with connector pins. The card-sized devices 
require the system designer to implement... 

...memory may be the answer. 

A more compact form of battery-backed memory is the credit - card 
-sized memory card. Memory cards are modules containing SRAM chips, control 
circuitry and a long...s available in either 3-1/2- or 5-1/4-in. form 
factors. It attaches as an external unit to NEC or Toshiba laptops via 
proprietary cabling for backup operations... 
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System und Verfahren zum Ausliefern von Finanzdienstleistungen 

Systeme et methode de delivrance de services financiers 
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Citicorp Development Center, Inc., (1 175292), 12731 W. Jefferson 
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Grandcolas, Micael L., 247 Ocean Park Boulevard, Santa Monica, CA 90405, 
(US) 

Bryant, Nancy, 13112 Dewey Street, Los Angeles, CA 90066, (US) 
Schechtman, Howard A., 5875 Green Meadow Drive, Agoura Hills, CA 91301, 
(US) 

Parekh, Dilip J., 6430 Riggs Place, Los Angeles, CA 90045, (US) 
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Johansson, Lars-Erik et al (9205661), Hynell Patenttjanst AB Patron 
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PATENT (CC, No, Kind, Date): EP 1107149 A2 010613 (Basic) 

EP 1107149 A3 011107 
APPLICATION (CC, No, Date): EP 2000203324 000927; 
PRIORITY (CC, No, Date): US 169982 P 991210 

DESIGNATED STATES: AT; BE; CH; CY; DE; DK; ES; FI; FR; GB; GR; IE; IT; LI; 

LU; MC; NL; PT; SE 
EXTENDED DESIGNATED STATES: AL; LT; LV; MK; RO; SI 
INTERNATIONAL PATENT CLASS (V7): G06F-0 17/60 
ABSTRACT WORD COUNT: 286 
NOTE: 

Figure number on first page: 2 

LANGUAGE (Publication,Procedural,Application): English; English; English 

FULLTEXT AVAILABILITY: 

Available Text Language Update Word Count 

CLAIMS A (English) 200124 1322 

SPEC A (English) 200124 18238 
Total word count - document A 19560 
Total word count - document B 0 
Total word count - documents A + B 19560 

...SPECIFICATION a logon message to the remote device and instantiates a 
profile transaction executor component to authenticate a customer. A 
navigation shell component notifies the remote device of the list of 
available... 

...3C. 

Figs. 5A to 5D are flow charts depicting operations of the delivery 
system in authenticating a customer. 

Figs. 6A to 6C are partial block diagrams of the delivery system 
depicting. ..the front door man component 5 1 adds a session security token 
to outgoing messages and verifies the session security token for 
incoming messages. For sessions with a CAT/CASST 16, the...control 
devices via an acquisition mechanism. Upon request, the session device 
manager component 63 first determines the availability and capability 
of the acquired device and returns the device reference to the client. 
The session device manager component 63 queries the peripheral device 
manager component 62 to determine devices available to the system, 
queries the delivery capabilities to determine the available remote 
devices and creates instances of those devices for use by session 
components... 

...The crypto man component 75 manages secret keys associated with external 
service providers and performs authentication of public key 
certificates. The crypto man component 75 holds security keys for each 
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external.. .variable, counter, and status indicator. The status monitor 
agent monitors status instrument variables and events, determines if an 
external system management product needs to be notified, and sends any 
important "alarms... 

...the initial welcome page to the customer and collects customer identity 
and preference information. After determining the issuer of the 
customer ID and possibly authenticating the customer, the welcome mat 
component 81 instantiates several customer services objects to hold 
information... 

...for issuer. The welcome mat component 81 instantiates a profile 
transaction executor component 9 1 to authenticate the customer and get 
the customer's relationships or customer profile. This process typically 
involves... customer data micro app. 

The welcome mat component 8 1 may do four things for customer 
authentication based on acquirer rules and the type of customer ID, such 
as public key certificate, ATM card, credit card , on-us, or off-us. 
The welcome mat component 81 may provide immediate local authentication 
using public key certificates or may provide immediate authentication 
with the issuer, waiting for a response. The welcome mat component 8 1 may 
also provide background authentication with the issuer w hile going on 
to the navigation shell component 82 or may defer authentication to the 
first transaction. With deferred authentication , the welcome mat 
component 81 may need to instantiate a default customer relationship 
component 113 and a default set of product types, such as checking, 
savings, or credit card . If a rule broker component 1 2 1 does not have 
a registered issuer for the card/CIN prefix number, a customer ID 
component 1 1 1 is instantiated and marked invalid, further authentication 
of the customer is skipped, and a navigation shell component 82 for 
invalid customers is., .executor component 91 validates properties of data 
obtained from mini-app dialog components 83 to determine whether the 
required information needed to do the transaction exists. If the data is 
missing... card information, if a card was used, including the type of 
card, such as ATM, credit card , SmartCard. and tracks present and 
track data. The customer ID component 1 1 1 knows the tier... 

...identity, for instance, business code, financial institution identifier, 
and issuer type, such as bank card, credit card , or other third party 
card. The issuer component 1 12 knows the PIN length supported and... 

...supported, and the navigation schemes supported. The issuer component 
1 12 knows when or how to authenticate customer, such as by local 
validation of public key certificate, immediate to issuer, background to 
...man component 122, and welcome mat component 81. The session 
component 132 sends touch point attached notification to each of the 
components and supports registration of additional session components 
that need... 

...presented with a consistent and familiar interface regardless of the 
remote device used. 

B. Customer Authentication 
An example of the process of authenticating a customer will now be 
described with reference to Figs. 5A to 5D and Figs... 
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...step E22, the touch point interface component 41 forwards the message to 
the appropriate session bubble based on the session ID in the session 
cookie. At step E3, the front door man... 

...step E28, the welcome mat component 81 instantiates the profile 
transaction executor component 91 for authenticating the ...The 
delivery system 12 can easily support multi-media. HTML has well-known 
means for embedding and referencing a wide range of media types, for 
instance graphics, sounds, and movies. The...session bubble starts up 
normally at the CAT 16. When the welcome mat component 81 determines 
that this customer is off-region, the welcome mat component 81 makes a 
connection to... 

...component 111 and issuer components 1 12 on the NetCAT server 200. After 
NetCAT server 200 authenticates the customer, with its own external 
service provider, the NetCAT server 200 starts up a... 

...startup, instantiates the customer ID component 1 1 1 and issuer 
components 1 12. After the customer is authenticated with the external 
service provider, the navigation shell component 82 is started. The 
customer selects... 

...on the customer's transaction card, such as the prefix of the card, it 
is determined what type the customer is, such as whether the customer 
is an "on-us" customer... rule "answerer" may be installed or replaced 
independently from components which use that data to determine answers 
to rule questions. 
In general, a business rule is a statement of policy driven... 

...authorities, the rule engine has no specific knowledge of rules or 
applications. The rule engine determines answers for rules and is used 
by the rule broker component 121 and calls the... contains specific rules 
for dispense amounts and ask the peripheral device manager component 62 
to determine what denominations arc available. 
B. Example Two, Maximum PIC Retries? 
As another example, a rule... 


..CLAIMS adding security identifiers to communications sent to said 
self-service financial transaction device and for verifying 
security identifiers on communications received from said 
self-service financial transaction device. 

12. The method... adding security identifiers to communications sent to 
said self-service financial transaction device and for verifying 
security identifiers on communications received from said 
self-service financial transaction device. 

37. The system... 
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...SPECIFICATION a logon message to the remote device and instantiates a 
profile transaction executor component to authenticate a customer. A 
navigation shell component notifies the remote device of the list of 
available... 

...the events. In addition, the status monitor agent can periodically poll 
the managed component to determine if a local action is required. 
In an embodiment of the present invention, an alarm.. .3C. 

Figs. 5 A to 5D are flow charts depicting operations of the delivery 
system in authenticating a customer. 

Figs. 6A to 6C are partial block diagrams of the delivery system 
depicting.. .the front door man component 5 1 adds a session security token 
to outgoing messages and verifies the session security token for 
incoming messages. For sessions with a CAT/CASST 16, the...control 
devices via an acquisition mechanism. Upon request, the session device 
manager component 63 first determines the availability and capability 
of the acquired device and returns the device reference to the client. 
The session device manager component 63 queries the peripheral device 
manager component 62 to determine devices available to the system, 
queries the delivery capabilities to determine the available remote 
devices and creates instances of those devices for use by session 
components. ..The crypto man component 75 manages secret keys associated 
with external service providers and performs authentication of public 
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key certificates. The crypto man component 75 holds security keys for 
each external... 

...variable, counter, and status indicator. The status monitor agent 
monitors status instrument variables and events, determines if an 
external system management product needs to be notified, and sends any 
important "alarms. ..the initial wome page to the customer and collects 
customer identity and preference information. After determining the 
issuer of the customer ID and possibly authenticating the customer, the 
wome mat component 81 instantiates several customer services objects to 
hold information... 

...for issuer. The wome mat component 81 instantiates a profile transaction 
executor component 91 to authenticate the customer and get the 
customer's relationships or customer profile. This process typically 
involves... 

...customer data micro app. 

The wome mat component 8 1 may do four things for customer 
authentication based on acquirer rules and the type of customer ID, such 
as public key certificate, ATM card, credit card , on-us, or off-us. 
The wome mat component 8 1 may provide immediate local authentication 
using public key certificates or may provide immediate authentication 
with the issuer, waiting for a response. The wome mat component 81 may 
also provide background authentication with the issuer while going on 
to the navigation shell component 82 or may defer authentication to the 
first transaction. With deferred authentication , the wome mat component 
81 may need to instantiate a default customer relationship component 113 
and a default set of product types, such as checking, savings, or credit 

card . If a rule broker component 121 does not have a registered issuer 
for the card/CIN prefix number, a customer ID component 1 1 1 is 
instantiated and marked invalid, further authentication of the customer 
is skipped, and a navigation shell component 82 for invalid customers is 
...executor component 91 validates properties of data obtained from 
mini-app dialog components 83 to determine whether the required 
information needed to do the transaction exists. If the data is missing 


...card information, if a card was used, including the type of card, such 
as ATM, credit card , SmartCard, and tracks present and track data. 
The customer ID component 1 1 1 knows the tier instance, business code, 
financial institution identifier, and issuer type, such as bank card, 
credit card , or other third party card. The issuer component 1 1 2 knows 
the PIN length supported and... 

...supported, and the navigation schemes supported. The issuer component 
1 12 knows when or how to authenticate customer, such as by local 
validation of public key certificate, immediate to issuer, background to 
...man component 122, and wome mat component 81. The session component 
132 sends touch point attached notification to each of the components 
and supports registration of additional session components that need... 
presented with a consistent and familiar interface regardless of the 
remote device used. 

B. Customer Authentication 
An example of the process of authenticating a customer will now be 
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described with reference to Figs. 5A to 5D and Figs... 

...step E22, the touch point interface component 41 forwards the message to 
the appropriate session bubble based on the session ID in the session 
cookie. At step E3, the front door man... 

...step E28, the wome mat component 81 instantiates the profile transaction 
executor component 91 for authenticating the customer and then passes 
the CIN and encrypted PIN to the transaction executor component... The 
delivery system 12 can easily support multi-media. HTML has well-known 
means for embedding and referencing a wide range of media types, for 
instance graphics, sounds, and movies. The... 

...session bubble starts up normally at the CAT 16. When the wome mat 
component 81 determines that this customer is off- region, the wome mat 
component 81 makes a connection to... 

...component 111 and issuer components 1 12 on the NetCAT server 200. After 
NetCAT server 200 authenticates the customer, with its own external 
service provider, the NetCAT server 200 starts up a...rule "answerer" may 
be installed or replaced independently from components which use that 
data to determine answers to rule questions. 
In general, a business rule is a statement of policy driven... 

...authorities, the rule engine has no specific knowledge of rules or 
applications. The rule engine determines answers for rules and is used 
by the rule broker component 121 and calls the... contains specific rules 
for dispense amounts and ask the peripheral device manager component 62 
to determine what denominations are available. 

B. Example Two, Maximum PIC Retries? 
As another example, a rule. ..heterogeneous environment. Another problem 
with current attempts to manage and monitor devices is that they attach 
the issue of the communications to the central node, such that the design 
of local... 

...controller. The status monitor agent 308 monitors managed components and 
their instrumentation variables and events, determines if a local 
action is required or an external system management product, such as 
system... cass2 response to the status monitoring agent 308. At S32, the 
status monitoring agent 308 determines the true cash value and sends an 
Alarm (immediate replenishment needed) request to the management. ..remote 
system management protocol format, and supporting secure access to a 
management server, such as authentication , privacy, and 
non-replication. 

The management protocol agent 304 for an embodiment of the present... 


..CLAIMS managed component further comprises periodically polling the 
managed component by the status monitor agent to determine if a 
local action is required. 

33. The method of claim 26, wherein monitoring the managed component 
further comprises periodically polling the managed component by the 
status monitor agent to determine if notification of an external 
system management component is required. 

34. The method of claim... further comprises means for periodically 
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polling the managed component by the status monitor agent to 
determine if a local action is required. 

76. The system of claim 69, wherein the means... 

...further comprises means for periodically polling the managed component 
by the status monitor agent to determine if notification of an 
external system management component is required. 

77. The system of claim... 
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Detailed Description 

... user a personal calling card number (e.g., a personal identification 
number (PIN) or an authorization code). A PIN or authorization code 
may include, e.g., a seven to fourteen (7-14) digit exclusive number. The 


...using a private branch exchange (PBX) 1 12. 

[00021] Passage of the Telecommunications Act of 1996, authorizing 
competition in the local phone service market, permitted CLECs (see FIG. 
2, 104c, for example... 

...In an exemplary embodiment, a button may be provided on the phone to 
indicate user authorization of use of value. In an exemplary 
embodiment, the value may be stored in a... 

...the value. 

[00033] In an exemplary embodiment, a method may include: prompting the 
user to authorize use of the value. According to an exemplary 
embodiment, user authorization may include, e.g., but not limited to, a 
validation; entry of a password; entry... 

...may include: prompting the user to replenish the value upon the value 
reaching a pre- determined threshold. 

[00037] In one exemplary embodiment, the method may include where the 
prompting may include... 

...account; a debit card account; a checking account; a money market 
account; and/or a credit card account. 

[00042] In an exemplary embodiment, the feature code and dialing sequence 
of the communications... 

...further include: prompting the user to replenish the value upon the 
value reaching a pre 

determined threshold. 

[00049] In another exemplary embodiment of the machine readable medium, 
the prompting of the... 

...one of: a savings account; a debit card account; a checking account; 
and/or a credit card account. 

[00054] In another exemplary embodiment of the machine readable medium, 
the feature code and... 

...graphical user interface (GUI) element, a button, a depressible 
spring-based button, a compressible plastic bubble based button, a 
touch screen, a pen based interface, a GUI input field, button, element, 
etc... 

...feature codes to notify the switch of the originating end of the call to 
display authenticating information to the pre-paid service provider 
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switch, such as, e.g., but not limited... 
...the value. 

[00087] In an exemplary embodiment, a method may include: prompting the 
user to authorize use of the value. According to an exemplary 
embodiment, user authorization may include, e.g., but not limited to, a 

validation; entry of a password; entry... 

...the user, place a transaction, making a purchase, for example, without 
needing to provide their credit card number over the telephone. Much 
like an EasyPass, after a user has set up the...embodiment, each time the 
value of a customer user's account may hit a pre- determined threshold 
level, then the user may press the LDS auto-key to connect to the... 

...account has been depleted to a zero balance (due for example to 
expiration of a credit card being used for automatic replenishment), 
then operation may be inhibited and diagram 600 may end... 

...have been captured, the user may be allowed to use a value of 
promotional minutes determined by the provider of the phone device 402 
that may have been pre-provisioned on... 

...payment; i. Post activation; 1. Exemplary functions may include 
accepting and charging users account via credit card ; a. Exemplary 
functions may include setting up Auto recharge at users request; b. 
Exemplary functions... 

...1 or integrated services digital network (ISDN) primary rate interface 
(PRI). An ISP can also attach to the Internet by means of a pipe or 
dedicated communications facility. A pipe can.. .it is appreciated that 
throughout the specification discussions utilizing terms such as 
"processing," "computing," "calculating," " determining ," or the like, 
refer to the action and/or processes of a computer or computing... 

...or other indication, etc., which may be used to any one or more of 
initiate, authorize , authenticate , and/or validate, or the like, a 
fee sharing arrangement. According to an exemplary embodiment... 

Claim 

... further comprising: prompting the user to replenish the value upon 
said value reaching a pre- determined threshold. 

7. The method according to claim 6, wherein said prompting comprises 
prompting via an... 

...market account; a savings account; a debit card account; a checking 
account; and/or a credit card account. 5 

12. The method according to claim 1, wherein the feature code and dialing 


...further comprises: prompting the user to replenish the value upon said 
value reaching a pre- determined threshold. 

19. The machine readable medium according to claim 18, wherein said 
prompting of the... 
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...market account; a savings account; a debit card account; a checking 
account; and/or a credit card account. 

24. The machine readable medium according to claim 13, wherein the 
feature code and... 

...said value. 

37. The method according to claim 29, further comprising: prompting the 
user to authorize use of said value. 

38. The method according to claim 37, wherein said authorizing 

comprises at least one of: prompting the user to provide at least one of 
a... 
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Detailed Description 

... according to bva/uip of user); CART (each cartA: seeks for 
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different signals in determining U's behavior / has different pr which 
takes and then processes BVA's signals accordingly... 

...and is controlled by C (UIP / uk objective of communication), which 
analyzes sounds and makes determined voice modulations. G. "Speech" ~ 
"Sound Analyzer" ( determining speaker's behavioral modes) UIP. 
Applications: if user is lying and which words tie to... 

...how the singer with only their natural means needs to make 
alterations-aim can be determined viaA: selecting from option in 
menu; PP; UlP-ap: good for music education; useful... 

...C1D = CID recognizer = C-T. o 5A-900 In-coming Telephone Sales System: 
Caller ID determines how call is handled within large tel networks: 
Incoming calls to large sales networks are... 

...to established customers, all depending on the sales person's 
characteristics. 5] UIP I BVA determines if soft or hard tel skills 
are needed (for technical support service) and: a] routes... 

...MP)/PP-applications: — C decides type voice frequency desired for 
particular applications. 11 UIP determines frequency (in sales, the 
caller ID of customer labels desired frequency); 2] K21 1-5A... 

...is related to above or? Below was dev 3.94: o 5A-900? Caller ID 
determines how call is handled: -o-Caller ID can be incorporated into PS 
system too D... 

...by-lines and or descriptions about the other party (as provided via 
UIP); ENTERTAIN:; FS **: attached to tel in diagram; GAME **:(each 
participant's caller id acts as one of their... 

...by merging following dataA: items purchased over tel line, 
purchases made with their cards ( credit cards , other member related 
cards) in other modes too. This way marketers develop detailed 
calculations about... 

...firms, the more sharing the larger & more complex the database system, 
and more accurate in determining customer characteristics. o-"sound 
analyzer" also helps in analyzing caller's behavior to some degree... 

...mm~c~t COLOR ** = S's COLOR changes according to the frequencies (what 
"sound analyzer" determines voice/sound to signify (happiness) / 
UIP.-D: sound = sound analyzer = C~tel = DISPLAY/TR = C.useful source 
of information for my/other's products to compile: UIP / SCORE. Or to 
determine if "access" is permissible; or develop questions for MQ, or 
answers for UQ.-makes contacting... 

...Applications: o If user hasn't risen from bed such call(s) can be 
activated. Determination of having risen is in my past inventions: 1] 
tripping of laser light shows person... 

...By Other Hands free Means;-Gen: Activation/Dialing/Deactivation 
UKY'remote" methods: UK. buttons separated/ attached to: TEL (tel can be 
replaced by other communication device (walkie talky, TR)-Foot pedal... 

...hold-caller's ID (shows their UIP)/caIler's city/country area code can 
help determine type music they would prefer-if desired, user can 
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program from their tel to havc.tel ("T") # / trunk, highly 
sophisticated systems use BVA %[& any useful elements from uip] to help 
determine / decipher who the speaker is (from others using said tel 
("T") # / trunk. CAMERA (LENS)A... 

...in which users k needed digits (as requested by voice mail / for 
extension #s) helps determine u's behavior. EgA: fast smooth 
entry is intelligence / familiarity w co or system... 

...kindly visit the detailed features section listed in the table of 
contents. ADAPTING ™ = Invention determines what is needed, and 
then automatically 'adapts itself. A common example is when it 'adapts... 

...system can help 'guide user in altering images. System's 'Visual 
analyzer with wide powers, determines the characteristics of the image 
to be altered. Later read more details in the detailed... 

...Public: 1. System 'senses it's outside the home. 2. adapt (UIP)'s 'sound 
analyzer determines some dog has barked. 3. Via hetero-associative 
memory it realizes there's a dog. 4. Via associative memory it 
determines it's the owner's dog. 5. adapt (UIP) responds to owner's dog 
barking... 

...at home. BA BEHAVIOR ANALYZER / *BVA = Behavior Analyzer. This 
important feature uses multiple means in determining the behavior of 
who or what it is kindly observing. This information is available to... 

...C = Computer. Central processing unit of this system and its inventions. 
CONTENT ANALYZER / CA = System determines the nature of a substance. 
Think of a substance you would like to have analyzed... 

...down; the window will only close far enough as not to cause damage. 3. 
It determines which functions are more valuable for the person, and 
'tailors accordingly. CUSTOMIZE = Same as 'Tailor... 

...for "D". The old definition for D was telephony. [Since "D" for diagram 
is easily verifiable due to context, e.g.: it normally was followed by 
a colon and then diagram... 

...or the 5 environment. It may adjust itself for greater EP. Analyzer 
uses sensors to determine what's happening. It 'seeks and reacts to 
designated situations. EXERCISE *♦ = 'Guides and allows... 

...something is based on its tag. . READ Later: Shows object's location 
(or person its attached to): Correlates an object's location in 
relation to that of other set objects, eg... 

...is notified when something happens. They are alerted to the occurrence 
of any designated event. Determines the nature and degree of urgency, 
and how best to alert the user. . READ Later... 

...user's listening abilities and preferences, e.g. offers higher volume 
when the Sound Analyzer determines there is background noise. OTD * = 
Other Technical Details. What can maybe be read later. Usually... 

...historical information. Step 2] identifies (past) patterns, especially 
searching for parameters as 'designated. Step 3] determines present and 
or future (known) events or parameters. Step 4] Fills in the missing 
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elements... 


...allows 'access to 'designated functions according to the zone of user 
and or what's attached to the 'positioning device. Q / QUESTION / 
QUESTIONNAIRE = System asks questions to get needed information. System 
...butler to handle matters as things come up. SENSOR(S) = Uses any 
available sensor to determine what has or is happening. Sensors can 
'score for the presence of certain chemicals. The... 

...status of a current situation? It is cheaper than hiring a live person. 
The feature determines the status of something based on what scores 
have come in. For example: This invention... 

...to what has been seen. . Read Later: Studies image thru its 'camera. 
"Analyzes" images. System determines what images are present, then 
system responds to images as programmed. It's 'tailored to... 

...own way of triggering the code. Examples: -human keys in 
code-characteristics of subject are determined (via sensors / uip), 
these characteristics hence trigger one or more applicable codes. 
— Drawing #1... 

...and identification cards.-Checks the right person is using their card by 
matching fingerprints. Applications: credit cards , ID card 
systems.-Can take fingerprints of those registered with (international 
agencies, then you might... 

...precaution too. It accepts those who are sending their payments in 
time.-use when using credit cards or other cards or other 
situations/products-eye in machine can ask person to put... 

...is built into the password. It can be the live or automated security 
guard that determines how to handle/' react such a flagged password 
user. Passwords later associated with minor deviant... 

...More serious deviation results in revocation until the password holder 
can pass diverse tests to authenticate themselves. 'Customization: 
Greater 'tracking is made upon user's whose 'scores suggest they're more 


...user's belief for what the [stolen] 'accessed feature possesses. This 
data can become legally authorized software like virus [which leaves a 
trail] that can hopefully later be deactivated if/when... 

...safe guard. End File: Ac-Ba + File: Access 
Ac-Ba "ACCESS-BEHAVIORAL ANALYZER" Introduction: System determines 
user's identity by their personality profile, in other words their 
pattern of behavior on... 

...a computer can be analyzed. System replaces a human sentry, which can 
permit access and determine if user's behavior is appropriate. Also 
uses fuzzy logic. Learn about our quick and... 

...The Sensitivity Rating Function tracks changes in the file's content or 
usage to automatically determine if an increase or decrease in the 
level of security is needed. + Do: Take material... 
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...uip-tailor". . "Education": correct behavior taught to accessor 
thereafter such (correct) behavior required. Needed "education" 
determined by accessor's behavior. . — Morning alarm: "designated" 
"reactions" from u (user) are "educated' - so... 

...private co's or credit rating agency or government] data base of 
people: -employer helps determine safety in issuing security clearance 
to 'designated users.-employer's info shared with the data base service 
can: — help determine employer's and database's 'analyzer in 
determining the 'user's new/changed security rating score. ' — help 
data base bureau's data... 

...from the same clients. Spell Checker: the same people often make 
identical spelling errors. Helps determine if correct party is the 
accessor. The language interface requested by user can also be... 

...to gaining (any type of) access to said system. Their: criminal record, 
behavior as somewhat determinable by their curriculum vitae; facial 
analyzers %; intuitive reports written by others at work place (about... 
can "edit" the file's label(s); if hackers accessed material previously, 
or "access controller" determines a higher / lower security rating is 
needed.-"Morning alarm": it's levels of: effectiveness, "entertainment... 

...alarm": those with more difficulty in waking. Composite factors: W5 
composite of factors used in determining "accessibility":-Any one or 
multiple factors determine = "access": one or multiple scores; the type 
score most applicable carries greater weight; system "merges... 

...30%= sys may permit access. Reasoning behind this: the score matching of 
other files helps determine legitimacy of accessor; system can narrow 
the level of tolerance for deviant scores for each... 

...how good it's uip-tailoring; user happiness. Also uses "questionnaires" 
answered by accessors in determining final scores; these ask accessors 
their: intuitive suspicion; user friendliness; how to alter scoring; W5 


...stalls "MOOD" = Accessor's level of: (happy) "entertainment". Their 
"mood" is used as score. Mood determined via: key word searches of what 
accessor inputted / '•'"experienced". "Morning alarm": uplifts 
user's... 

...so they're also mentally more awake. "PROMPT" = User's score / their 
uip-dbmuch determines type of prompt they'll get. "PS-ZONE" =-bulls' 
eye: Like concentric circles, the closer... 

...monitoring:-Does accessor give indications they are hacking another 
company's system (as well)= as determined via "track". -Other DB: 
Criminal records; accessor's school or university records. . Accessor's 
importation... 

...in general terms; gives differing examples, eg: computers judging how 
much credit to give to credit card applications based on other 
similar people's past histories. -UIP formerly titled "PI". -For Techies... 

...user, or "M"; user takes one or more test(s), the type and quantity are 
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determined by the desired application of product; another person or 
device (M) gives information about user... 

...microphone ("mic") (voice recognizer); mouse; mp; multi-user; uip's 
database guides system's functions ( determines the type, manner, 
timing, whether or not to notify, mq, osc, synth; pp; uip database... 

...actions-> database (behavior). Eg, Ubiquitous computing: u carries 
(tiny) "c" that communicate with other "c" embedded in: appliances, t, 
cars, walls, K a y s ' N . Eg: Xerox's Park Tab... 

...made with part or organism); pr (software program) ; PS (location of 
external product is a determining factor in deciding if any/type 
conncclion/conlacl is lo be made); R (remote control... 

...like the default mode to give you 10 minutes before such prompt (after 
sys has determined ("status") 80 percent of the past 50 interactions 
between u and mfh (mainframe hookup) were... 

...maybe u wouldn't want the change to occur w/o (without) their 
acknowledgement. Manufacturer determines to what degree uip-ta 
ilor will suggest or bypass fonner and simply alter... 

...ideas for research.-KN: medical prognosis sys that studies all the 
characteristics of illness in determining type of illness = 2E S 
suggests possible medications.-Suggesting possible combinations for drug 
to solve. ..7G050) = SW ('software) suggests: types of protection 
(protective gear); methods of (cautious) research (protocols) already 
determined to be safe via reference manuals on the subject or SW 
('software) (db). 0 "PR... 

...EDUC ; MULTI-USER ; pr (software program) ; Q (asks questions) ; ROUTER 
; +SCORE (given to each aspect = attached to each element of: goal 5 & 
potential ingredients); SENSOR (7G050); STATUS ; tds (time date stamper 


...at 0.5% of soup volume to be real salt. 2] This preferred percentage is 
determined via: what u (user) K (keyboard) / nr ('notifier) placed in 
soup. 3] User K (keyboard... 

...the company). -Each element has different files, according to the 
circumstance of its usage. "Analyzer" determines which sub 

files are applicable via, eg: label of file, % key word search, 
"status"*, uip... 

...only 2% of glove/container types are suitable for working with acids = 
next S W ('software) determines three best gloves/containers for said 
acid, listing best first. 4] If u (user) is... 

...be used) = S/Printer. 6] While research is taking place = "sensor" = 
"analyzer" = NR: when sys determines there is or could be (based on 
score) a situation needing special attention (danger, loss... 

...Manner in which images are generated / something is "edited" = is unique 
like finger prints= as determined via ba. The level and types of narrow 
scoring on "drawing" is unlimited.-"Character" = "Image... 
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...access can be changed / "edited" (according to w5 / uip (how accessor 
behaved, eg: they were determined to be a hacker) / creating additional 
hurdles).-These parameters change (gradually) as uip "analyzes" accessor 


...lesser tolerance for deviation from expected behavior / 'access 
requirements of user]. "EDIT" = BA=UIP-Tailor determines what 
("entertainment") u (user) (subject) should experience. The type 
experience "designated' - is designed to fit... 

...highest apple on third tree. See "Game"="Access". — How a user 
plays a game determines access: 1] sys studies u's moves via = uip, eg: 
u (user) prefers using rook... 

...files are merged= based on= ba. "MOOD" = Sys matches its 
characteristics with that of whafit determines user's behavior is like. 
. "Hint": the mood created gives cues / "prompts" for u (user) to answer 
"questions" (needed to help determine accessor's authenticity). .-This 
is an example of a subset of "Mood". And this "mood... 

...Sys generates questions which require correct (near correct) responses 
to gain / maintain access. Randomly selected authentication 
challenges.-DB uses file of questions= chosen at random= then "seeks"= 
correct "reaction" (answer). --Exists... 

...they've been identified by sys. 3] Sys monitors U's activities. Hidden 
(computerized) codes: embedded in stolen data: easier to "track" where 
these codes go; eases court prosecution. 2E25 1 Intelligent... 

...behavior analyzer) = Conclusions (Score) utilized by "analyzer" / 
UIP-DB. . Miscellaneous:-information used to monitor and determine who 
user is and W5 they are doing. . "Track": System identifies via a third 
party... 

...if accessor's changing rating stays good= uip-tailor / "access 
controller" permit access.-if system determines this user's usage of a 
sophisticated electronic system matched their normal behavioral profile, 
by... 

...being critiqued by said voice. Hackers may not know which is the correct 
voice, nor attach the voice with the needed answers. These voices may 
not have tags such as boss... 

...act in some manner to gain "access". This is a very broad area.-Example: 
"BA" determines if u / viewer had good/undesirable behavior (w/in 
parameters of system's ba of...s Parts Section. * Product's "access" 
functions +might be (slightly) altered according to U's determined 
(via: BVA/UIP) behavior. *-The OSCs sound quality (might be) is so 
excellent / similar in... 

...person better matches = then communicates w them to create maximum 
psychological impact (sales, "mood") as determined via "analyzer" / K / 
pr. D: mic = bva / uip = c = osc. . For techies: D: Organism being... 

...required ] = C = ACCESS 0 // ANALYZER () // EDIT = "Seek & React" = (sys 
edits out less needed input from: determination if accessor is 
legitimate) // NR (penalizes u when u acts poorly (undesirable behavior) 
= electric shock... 
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...TDS (w5 u behaved-> builds up UIP-DB) // TRACK 0 // UIP () . [UIP = DB 
collection] / "Question" to determine authenticity = Example of source 
that "analyzes" behavior: "Who do you think you are?", a CD... 

...out (at "designated" times). Eg: training animals to behave in certain 
ways by= having 'ba determine desired behavior= and if so= allowing 
access. See: KN's animal "tracking" and "analyzing" systems... 

...access controller ("tracks" W5 it monitors= punishes), since it can't 
always be trusted either.- Determines such type accessors based on 
their: performance or work results "score"; errors they make; psychotic 


...gaining access-pat search strategy: (tilt*) and (password* or activate* 
or access*). . R45 'Dynamic Signature Verification ': Write in your 
password. System identifies user's handw riting style too. 
[Communication Intelligence Coip, Redwood... 

...needed passwords are those that accessor knows or can guess, but 
difficult for hackers to determine . Subset of "Generate 
Passwords". -Value in changing passwords: u may not force themselves to 
change... 

...Altering responses to access 1 questions based on cue when such 
alterations should be made.-"Hint" / Cue determines how passwords are 
to be altered. Eg: l]if u receives tel call (from machine... 

...96: ((change* or changing or alter*) near9 (access* or accesses* or 
accessing or password* or verif *)) and (computer* or electr* or 
software*) not alternative-User must meet one or more differing... 

...hiding or hidden) nearl 1 (camouflag* or access*or accesses* or 
accessing or password* or verif *) and (computer*or electr* or 
software*)-Certain files can be kept closed or virtually unreadable... 

...need to study (ba)= accessor's. '-Example passwords: — subjects 
they commonly access or are authorized to access=access' caution 
"analyzer" is triggered when behavior is out of the ordinary. — ... 

...s). . Manner of hints are "editable" (according to "order* & timing" as 
guide).+ How System(s) determines how to "hint" = "uip-tailor": see:" 
generating passwords", and other access sections; what accessor 
previously... done in artistic / creative manner: "compose" sounds / 
lights / other Frequency-%(sys's (behavioral) "analyzer"(helps) 
determine entity (trying to gain access), according to type creative 
work, eg: similar to determining real composers /painters by 
characteristics in their work; balance: u must create/ hear sounds in... 

...access=bva (sys seeks certain audio Frequency / words / rhythms / 
decibels); c=access; camera: visual analyzer ( determines u (via uip / 
matching current lens' input w/ database of u)); cart: c(cart)=access... 

...other hurdles. -Accessor= generates "order & timing" related behavioral 
pattern(s)= permit "designated" "access".-Other elements determining 
timing of access: Gravity from moon or planets (see astrologers); 
astrological charts designating which days... 


EIC3600 SEARCH RESULTS 


136 


5/6/2009 


...based on u's "status" /"score". -9G220 Channel Scanner Skips Stations 
Having Commercials: (access/uip determines what (w5) u needs to view 
(access), communication datathal can selected include: t, mo data... 

...data must be tr by the second of three people. Access sys's = "analyzer" 
randomly determines which of the three A/B/C allows access (on a month 
by month basis... 

...brands of soy sauce or other Asian sauces.-Labels on products w/ 
designated chemicals. Labels attached to product. Eg: Floppy disks; 
"cart". -Passwords can be built into part of product. Only... 

...access". -Exists: bar code readers for "billing"; magnetic strips on flat 
keys for "access" and credit cards ; microchips built into keys for 
"access", eg: on Cadillac cars. -Patentability: System(s) "seeks" elements 


...alarm": are body odors slightly different in morning? If so this can be 
utilized to determine wakefulness. Applicable to animals being 
researched? "SOUND ANALYZER" = Synthesizer: Password is the setting 
needed to... 

...5A500 Sound Lock: Activate lock by emitting special inaudible sounds 
from tiny pocket device. +-Key attached to the sound transmitter. 
+-sounds may be inaudible to human ear, lock opens. Helps preventadding 
tosecurity.-4E020 Content & Date Verifier : of (any said) occurrences, 
eg: "tracks" occurrences; "analyzes" occurrences (for uip)"Speech": voice 
recognizing System(s) seeks certain sounds "sa".-Patents: 5450524 
Password verification system based on a difference of scores ("scores") 
of type sounds (SA); 54993 1 audible... 

...be used to create "artist's" images-> gain "access": Manner of sound 
generation (by u) determines type image. Accessor= generates sound 
pattern(s)= permit "designated" "access". , . Changeable password 
elements. "Order Sc.. 

...from u (as u walks by "sensor");Magnetic Device. . Rl 27 [ Commuter's 
train ticket credit card : circuit emits frequency read by device in 
ticket gate. JR (Japan Railway) ]. Also copied to... 

...being: a size (fits into slot);include a microchip with built in 
password; (standard) key; attached to another kn (invention) password 
generating device. "Transmitter" = Accessor's "Key".-Drawing: similar or 
opposite... 

...airwave.-activation via vibration(s)-the level of vibration (impact 
/movement) and or the code determine "access". The 'code' is 
determined by: time period of each vibration mode / time period between 
each mode / level of vibration... 

...into their "designated' - "trap". Morning Alarm: if user turns off system 
/ deactivates alarm * in/on- authorized manner= punishments can include: 
loss of files /other functions alarm System(s) is tied to... 

...people according to their access/uip (code)).5G061 Dyslexia Software: 
(speed at which info given determinedly u's access: either u gets info 
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faster (inhibits uninitiated computer hackers) / SW (Software) slows... 

...or pictur* or (bar near2 code)) near9 (access*or accesses* or accessing 
or password* or verif *) and (computer*or electr* or software*)Accessor= 
generates image pattem(s)= permit "designated""access". Changeable... 

...permits 'access to any privilege described in the "access" part. . 
Applications include: (deactivate alarm; additional verification of u 
(user) (person trying to gain access (via matching images / uip-ba 
(signature analysis... 

...in order to avoid hackers getting a non-changing password type image or 
method. Sys determines (from hacker's point of view) haphazardly w5 
needed images are changed (according to circumstances). — For 
Teenies: Drawing: User = This (invention) Sys (what helps in the 
determination ("analyzer") for type images needed = % type images given 
(entered); type prompts and or other challenges... 

...be drawn.-Prompts: For Techies: Drawing: User = This N (invention) Sys 
(type prompts given u determined via) ~ c (computer) = ACCESS ; 
ANALYZER ; CART ('software cartridge) ; EDUC ; mfh (mainframe hookup) ; 
MULTI-USER ; PR... 

...KW: access-US Patent Numbers: 5319797 5222138 4903991 4908861 4991205 + 
5 1 1 1512 Method for signature verification -1992 patent. Access is given 
with correct signature. 4850018 4869946 4758718 4799258 4816653 4851937 
4876717... 

...one walks about near the motion "sensor" = "access".-UIP / BA: these are 
also used in determining whether access is permitted. Sys "analyzes" 
past and current images generated by User and studies... 

...and/adjl 5 ((gain adj9 access*) or enter* or password* or secur* or 
protect or authoriz *-US Patents: 5491752 Increases difficulty of 
password guessing attacks. — Pat search str: Worked w... 

...UIP" (uip-db)-password itself encrypted = and only decrypted by access 
point's "analyzer" = to determine if access permitted. + See "Artist" 
image generating modes: any of these can create the necessary... 

...scanned the list, eg: 5323465 Access control; 5289540 Computer file 
protection system; 52763 14 Identity verification system resistant to 
compromise by observation of it use; 5206905; 5 1 1 5508; 5 1111 85%; 
5097506.-US... 

...at search strategy for all of "Access": (access* or accesses* or 
accessing or password* or verif *) and (comput 

er* or electr* or software*) File: Access 
Ac-Pa ACCESS PATENTS AND PATENT... 

...only scanned the list, eg: 5323465 Access control; 5289540 Computer file 
protection system; 5276314 Identity verification system resistant to 
compromise by observation of it use; 5206905; 5 1 15508; 5 111 185%; 
5097506... 
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Claim 

... and adaptive designs' database of features. This interface is designed 
for both potential licensees, and authorized people with higher 'access 
privileges. All agreements must be in writing from authorized person, 
other interactions are brainstorming. . Licensees seeking zero royalty 
payments during a trial period exceeding... 

...on the system's 'computer. . Search Engine Like Searching: The millions 
of criteria used to determine relevancy by functions related to web 
search engines can be used. — eg: Google.com...integrate to 'adapt. 
[Can] learn on CRCs (work station)/N/printed information (book). EGH * = 
The determination of changes in difficulty (via score, uip) and 
'correlated invention for 'adapted purpose can be... 

...every other part/invention/claimable matter via a nearly infinite number 
of methods. CONTENT & DATE VERIFIER 4E020 REGISTRAR: Track which 
inventions were used. System proves who did what electronically trackable 
event... 

...uses needed aspects of the united invention, to achieve the desired 
function. The need is determined through 1350 an 'analyzer. Adaptive 
Design 'tailors itself to needs based on available resources . Summary 


...definitions/functions greatly overlap. Summary rewritten using many 
parts (function) terms: 'User (has their needs = determined by 
themselves or UIP) = Optional Occurrences: 

1 . User is 'educated and 'guided to [better] determine what [invention 
or function] they want; and how to use and of benefit from it... 

...carry out desired function. Simplified nodules may receive additional 
parts to carry out desired functions ( attached /snapped on by user) 
according to (central computer's, teacher's, common sense, book's... 

...the product description and diagrams-. The inventor's description in his 
native language is also attached for mailing. .-Letter is available in 
1 8 languages, and cart be selected by user-User... 

...serves also as a type of interactive computerized point of sale, 
aooipting credit cards , etc. -software is likely to offer 
possible suggestions and or directions into the right branch... 

...predicted to come out of invention are selectable and with prices . This 
information can be attached to letter inventor sends to manufacturer 
.-this is more fun than playing chess or watching... 

...the letters 

5: CD-ROM reader; pre-recorded music generating system; etc 
6: 

6a. -Analyzer Determines Sound Effects: sounds are generated to 
stimulate user's creativity. The system selects appropriate sounds...in 
the product number 's central description or in one of its branches; and 
or determined by: the user / *target parties (via : "creator's" central 
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computer; and or mp/pp/cart... 


...both the situation and a (potentially corresponding) need. Its broadly 
termed "analyzer" ('behavior analyzer = 'score) determines what will 
best meet that need. This leads to an output which includes: a 'tailored 


...the situation. UIP's Invention Creating Machine Claim shows: . How a 
list of needs are determined , and then is correlated with a list of 
potential functions (inventions in the .'.-.:. 1359 i... 

...rejlearn to use [poor/[non] functioning] parts of human/organism brain. 
'Tailor tests user to determine brain functioning 'traits = then 
designs 'educational program = then 'guides and rewards user.-See 3CE 
file... 

...better] meet needs [even if all functions/aspects remain [mostly] 
available: Another mode/function is determined to better meet needs = 
then system goes via new links/functions [to better 'adapt itself... 

...default mode = and need gets met [with only temporary 
interruption/aberration] until new mode is determined testedtoetter 
'adapted (after it [re] learns needs). 5-A user [person/(another) system] 
can request/suggest/get 'guided into determining alternative/better 
modes. Figuring Out Something Is Not Working Right So Other Functions 
Compensate: ' , : 1361 Topic Reworded- Determining Something Is No OK. 
Should any number of functions/parts be unavailable, how the remaining... 

...functions can 'adapt and still provide [all/some of] the same functions. 
How to [Automatically] determine a [current] function/mode is 
[not] -ideal/inoperable. E.G.: When user: disappeared / changed their... 

...also] used for creating the 'score. -Signals sent to/from [central] and 
function-to [help] determine its state of functioning based on whatever 
criteria, e.g.: how useful it is/was... 

...altering the mode, and or 'seeking a new function by creating a new 
link] = then verifying if the new link/ function achieves a [better] 
'score. — Function [continually] does self checks... 

...sound analyzer hears a truck stopping at the same time via its 'time 
date stamp. DETERMINING A FEATURE(S) ISN'T IDEAL: [Parts Section #1|: U 
= Applicable Functions Of Invention [1... 

...minimum] 'score has changed (for the worse)] ~ ' C (CPU) / Analyzer = 
[Parts Section #2] -How Analyzer Determines Something Isn't ideal: 
ACCESS (Security Control)[not granted (despite repeated attempts to gain 
entry... 

...guidance that doesn't directly ask user to 'score the function, but by 
inference (may) determine a malfunction is occurring-eg: user couldn't 
provide (proper) answer/feedback about something they... 

...parts) listed are important in this application. EXAMPLES IN SPECIFIC 
PARTS: Shows how it's determined a part isn't OK, then how to 
compensate. U / Another Function = This N Sys [1. Determining 
Function's Not OK. 2. Compensation(s)-Solving Problem By 'Rerouting To 
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Other Function(s)]-C = ACCESS [ determining what's not OK] = IParts 
Section # 1 J: U = 'Access = IParts Section #2 — Access maybe... 

...sub-parts/rem 7iants for all/portion of itself in each (main) part. 
This determines what's not OK about the 'access part; then can 
compensate by 'analyzing/'tracking user... 

...is controlled automatically by 'seeks & reacts] T (Telephony) [system 
connects to other functions/sy stems to determine if something is not OK 
/ compensate] // UIP (User Info Programming) ['adaptation occurs 
automatically without 'analysis... 

...EDIT = 'tailor the text; artist-edit. EDUCATION = 'tailor = 'guide. 
Access appropriate files. Analyzer / 'Behavior Analyzer determines 
what needs to be taught. 'EGH. Answers to 'Questions = 'Guide / Analyzer 
/ 'Tailor. 2 5 ENTERTAINMENT... 

...the needed situation via: 'multi-media, 'entertainment, 'order & timing 
for how it functions; 'predicting; 'analyzer determining what is needed 
w5 and in what 'order and timing. 35 K (Control via keys) = 'Remote 
control; 'tilt, 'tailor determines user's needs without user needing to 
key in their interests. Creating 'artist related 'images... 

...hand and [wireless] device's 'osc will sound. 2] GPS; PD'; 'distancer 3] 
'Sound analyzer determines where the sound is coming/came from, its 
change in location and speed. 4] "Notifier... 

...date stamp signals the = 'notifier. 55 MOTION SOUNDER = 'vibration 
analyzer = 'osc MULTI-USER * = Different user determined via = 'access 
[password] / 'ba how something is requested to be ,-..'.:., . 1365 
'tailored by user or... 

...made improper/questionable 'access [spent too much time in highly 
protected topics/'zones] = which is determined by 'scoring = the 
occurrence is then 'analyzed and system determines to continue 
'tracking / deny [full] 'access. 2. The pattern by which person is 
[getting] 'routed = results in 'reactions [functions for which are likely 
to trigger the 'notifier / 'tds determines there's a lack of timely 
payment] = then system 'reacts by further 'tracking / 'routing person... 

...re]learn to use [poor/ [nonfunctioning] parts of human/ organism brain. 
'Tailor tests user to determine brain functioning 'traits = then 
designs 'educational program = then 'guides and rewards user.-See 3CE 
file... seeds w/ stickers) on fur, ticks, dander, dandruff, (shedding 
hair/skin).-(Pet) Collar: gives access. ( Embedded ) pet ID.-BA: connects 
UIP (of pet or master)=w pet's (behavior /needs of... 

...of whether other pet behavior parameters have been met).-% pet learns 
new tricks: sensor is attached to determine how pet has acted (w5). 
Issues:-No cleaning device may be perfect but this one... 

...toys, etc. -Bird bowel (BM) movement is the main problem with enjoying 
pet birds. -Sensor' determines BM occurred. Then the gate opens 
automatically. Gate only closes (slowly and gently) after the movement 
sensor' determines the bird has come back inside. -BM Sensor can be 
triggered by: 
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l.BirdBM... 


...analyzer. 

2. Bird must have BM over any or part of bird floor cage. Sensor 
determines BM via, A. (greater) vibration (than the norm) from the BM 
drop. B. presence of... 

...alone (while having a party))] // ANALYZER [] // BA [times pets i.e. 
coming thru door] // CART [ attached to collar; emits scent (to 
attract/repel bugs/other dogs)] // EDUC [teaches pet to wait... 

...on/made more difficult, in stages as [pet learns/becomes accustomed] / 
[additional cleaning needed]. Can attach on other [previously patented] 
cleaning/' access restriction device(s). OTHER ENTITIES SEEKING 'ACCESS: 
. Clean Mobile... 

...AREA AROUND DOOR RAKES THE FUR/CLEANS PAWS: Make the actual door made 
out ofi' attached to with some kind of cleaning device(s), door mats, 
plastic covered with cloth(or... 
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Detailed Description 

... a logon message to the remote 

device and instantiates a profile transaction executor component to 

authenticate a customer. A navigation shell component notifies the 

remote device of the list of 

6...3C. 

Figs. 5 A to 5D are flow charts depicting operations of the delivery 
system in authenticating a customer. 

Figs. 6A to 6C are partial block diagrams of the delivery system 
depid ing...the front door man component 5 1 adds a session security token 
to outgoing messages and verifies the session security token for 
incoming messages. 

1 5 For sessions with a CAUCASST 16. ..control devices via an acquisition 
mechanism. 

Upon request, the session device manager component 63 first determines 
the availability and capability of the acquired device and returns the 
device ...client. The session device manager component 63 queries the 
peripheral device manager component 62 to determine devices available 
to the system, queries the delivery capabilities to determine the 
available remote devices and creates instances of those devices for use 
by session components.. .The crypto man component 75 manages secret keys 
associated with external service providers and performs authentication 
of public key 

1 7 

certificates. The crypto man component 75 holds security keys for.. .and 
status indicator. The status monitor 1 5 agent monitors status instrument 
variables and events, determines if an external 

system management product needs to be notified, and sends any important 
@4...the initial welcome page to the 

customer and collects customer identity and preference information. After 
determining the issuer of the customer ID and possibly authenticating 

the customer, the welcome mat component 8 1 instantiates several customer 
services objects to hold information... 

...for issuer. The welcome mat component 81 instantiates a profile 
transaction executor component 91 to authenticate the customer and get 
the customer's relationships or customer profile. This process typically 
involves... 

...customer data micro app. 

The welcome mat component 81 may do four things for customer 
authentication based on acquirer rules and the type of customer ID, 
such as public key certificate, ATM card, credit card , on-us, or 
off-us. The welcome mat 

2 1 

component 81 may provide immediate local authentication using public 
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key 

certificates or may provide immediate authentication with the issuer, 
waiting for a 

response. The welcome mat component 81 may also provide background 
authentication with the issuer while going on to the navigation shell 
component 82 or may defer authentication to the first transaction. With 
deferred authentication , 

the welcome mat component 81 may need to instantiate a default customer 
relationship component 1 13 and a default set of product types, such as 
checking, savings, or credit card . If a rule broker component 121 
does not have a registered 
issuer for the card... 

...a customer ID component 1 1 1 is 

I 0 instantiated and marked invalid, further authentication of the 
customer is skipped, and a navigation shell component 82 for invalid 
customers is. ..executor component 91 validates properties ol'data 
obtained from mini-app dialog components 83 to determine whether the 
required information needed to do the transaction exists. If the data is 
missing... card information, if a card was used, including the type of 
card, such as ATM, credit card , SmartCard, and tracks present and 
track data. The customer ID component 1 1 1 knows... 
...instance,, business I 0 code, financial institution identifier, and 
issuer type, such as bank card, credit card , or other third party 
card. The issuer component II 2 knows the PIN length supported... and the 
navigation schemes supported. The issuer component II 2 knows when or how 
to authenticate customer, such as by local validation of public key 
certificate, immediate to issuer, background to...component 122, and 
welcome mat component 8 1. 

The session component 132 sends touch point attached notification to 
each of the components and supports registration of additional session 
components that need.. .presented with a consistent and familiar interface 
regardless of the remote device used. 

B. Customer Authentication 

An example of the process of authenticating a customer will now be 
described with reference to Figs. 5A to 5D and Figs... 

...step E22, the touch point interface component 41 forwards the message to 
the appropriate session bubble based on the session ID in the session 
cookie. At step E3, the front door man.. .the welcome mat I 0 component 81 
instantiates the profile transaction executor component 91 for 
authenticating the customer and then passes the CIN and encrypted PIN to 
the transaction executor component... abstracted. 

The delivery system 12 can easily support multi-media. HTML has wellknown 
means for embedding and referencing a wide range of media types, for 
instance graphics, sounds, and movies. The...session bubble starts up 
normally at the CAT 16. When the welcome mat component 81 determines 
that this customer is off-region, the 
welcome mat component 81 makes a connection to... 

...I and issuer components 1 12 on the NetCAT server 200. After NetCAT 
server 200 authenticates the customer, with its own external service 
provider, the NetCAT server 200 starts up a...rule "answerer" may be 
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installed or replaced independently from components which use that data 
to determine answers to rule questions. 

In general, a business rule is a statement of policy driven... 
authorities, the rule engine has no specific knowledge of rules or 
applications. The rule engine determines answers for rules and is used 
by the rule broker component 121 and calls the... contains specific rules 
for 

dispense amounts and ask the peripheral device manager component 62 to 
determine what denominations are available. 
10 

B. Example Two. Maximum PIC Retries? 
As another example... 

Claim 

... man component for adding security tokens to messages sent to the 
remote device and for verifying security tokens on messages received 
from the remote device. 

8 The system as set forth... 

...forth in claim 9, wherein the welcome mat 
component instantiates a profile transaction executor to authenticate 
the customer. 

12 The system as set forth in claim 9, wherein the welcome mat...the 
welcome mat component a profile transaction executor component, the 
profile transaction executor component for authenticating a customer. 
59 

43 The method as set forth in claim 40, further comprising a...tokens on 
messages sent to the remote device with the front door man component, and 
verifying with the front door man component the security tokens on 
messages received from the remote... 
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Description of the Drawings: 

...0042] are flow charts depicting operations of the delivery system in 

authenticating a customer... 

Description of the Invention: 

...a logon message to the remote device and instantiates a profile 
transaction executor component to authenticate a customer. A navigation 
shell component notifies the remote device of the list of available. ..the 
events. In addition, the status monitor agent can periodically poll the 
managed component to determine if a local action is required.. .the 
front door man component 5 1 adds a session security token to outgoing 
messages and verifies the session security token for incoming messages. 
For sessions with a CAT/CASST 16, the. ..control devices via an 
acquisition mechanism. Upon request, the session device manager component 
63 first determines the availability and capability of the acquired 
device and returns the device reference to the client. The session device 
manager component 63 queries the peripheral device manager component 62 
to determine devices available to the system, queries the delivery 
capabilities to determine the available remote devices and creates 
instances of those devices for use by session components...The crypto man 
component 75 manages secret keys associated with external service 
providers and performs authentication of public key certificates. The 
crypto man component 75 holds security keys for each external...variable, 
counter, and status indicator. The status monitor agent monitors status 
instrument variables and events, determines if an external system 
management product needs to be notified, and sends any important "alarms 
...the initial wome page to the customer and collects customer identity 
and preference information. After determining the issuer of the 
customer ID and possibly authenticating the customer, the wome mat 
component 81 instantiates several customer services objects to hold 
information... 

...for issuer. The wome mat component 81 instantiates a profile transaction 
executor component 9 1 to authenticate the customer and ...0090] The 
wome mat component 8 1 may do four things for customer authentication 
based on acquirer rules and the type of customer ID, such as public key 
certificate, ATM card, credit card, on-us, or off-us. The wome mat 
component 81 may provide immediate local authentication using public 
key certificates or may provide immediate authentication with the 
issuer, waiting for a response. The wome mat component 81 may also 
provide background authentication with the issuer while going on to the 
navigation shell component 82 or may defer authentication to the first 
transaction. With deferred authentication , the wome mat component 81 
may need to instantiate a default customer relationship component 1 13 and 
a default set of product types, such as checking, savings, or credit 
card . If a rule broker component 121 does not have a registered issuer 
for the card/CIN prefix number, a customer ID component 1 1 1 is 
instantiated and marked invalid, further authentication of the customer 
is skipped, and a navigation shell component 82 for invalid customers is 
...executor component 91 validates properties of data obtained from 
mini-app dialog components 83 to determine whether the required 
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information needed to do the transaction exists. If the data is missing 
...card information, if a card was used, including the type of card, such 
as ATM, credit card , SmartCard, and tracks present and track data. 
The customer ID component 1 1 1 knows the tier...identity, for instance, 
business code, financial institution identifier, and issuer type, such as 
bank card, credit card , or other third party card. The issuer 
component 1 12 knows the PIN length supported and... 

...supported, and the navigation schemes supported. The issuer component 
112 knows when or how to authenticate customer, such as by local 
validation of public key certificate, immediate to issuer, background to 
...man component 122, and wome mat component 81. The session component 
132 sends touch point attached notification to each of the components 
and supports registration of additional session components that need0121] 
B. Customer Authentication 

[... 

...0122] An example of the process of authenticating a customer will now 
be described with reference to FIGS. 5A to 5D and FIGS... 

...step E22, the touch point interface component 41 forwards the message to 
the appropriate session bubble based on the session ID in the session 
cookie. At step E3, the front door man.. .step E28, the wome mat component 
81 instantiates the profile transaction executor component 91 for 
authenticating the customer and then passes the CIN and encrypted PIN to 
the transaction executor component.. .The delivery system 12 can easily 
support multi-media. HTML has well-known means for embedding and 
referencing a wide range of media types, for instance graphics, sounds, 
and movies. The.. .session bubble starts up normally at the CAT 16. When 
the wome mat component 8 1 determines that this customer is off-region, 
the wome mat component 81 makes a connection to... 

...component 111 and issuer components 1 12 on the NetCAT server 200. After 
NetCAT server 200 authenticates the customer, with its own external 
service provider, the NetCAT server 200 starts up a.. .rule "answerer" may 
be installed or replaced independently from components which use that 
data to determine answers to rule questions. ..authorities, the rule 
engine has no specific knowledge of rules or applications. The rule 
engine determines answers for rules and is used by the rale broker 
component 121 and calls the. ..contains specific rales for dispense 
amounts and ask the peripheral device manager component 62 to determine 
what denominations are available. ..heterogeneous environment. Another 
problem with current attempts to manage and monitor devices is that they 
attach the issue of the communications to the central node, such that 
the design of local., .controller. The status monitor agent 308 monitors 
managed components and their instrumentation variables and events, 
determines if a local action is required or an external system 
management product, such as system... cass2 response to the status 
monitoring agent 308. At S32, the status monitoring agent 308 determines 
the true cash value and sends an Alarm (immediate replenishment needed) 
request to the management... remote system management protocol format, and 
supporting secure access to a management server, such as authentication 
, privacy, and non-replication... 
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Description of the Invention: 

...user a personal calling card number (e.g., a personal identification 
number (PIN), or an authorization code). A PIN or authorization code 
may include, e.g., a seven to fourteen (7-14) digit exclusive number. The 
...0024] Passage of the Telecommunications Act of 1996, authorizing 
competition in the local phone service market, permitted CLECs (see FIG. 
2, 104c, for example. ..In an exemplary embodiment, a button may be 
provided on the phone to indicate user authorization of use of value. 
In an exemplary embodiment, the value may be stored in a prompting the 
user to authorize use of the value. According to an exemplary 
embodiment, user authorization may include, e.g., but not limited to, a 
validation; entry of a password; entry... 

...may include: prompting the user to replenish the value upon the value 
reaching a pre- determined threshold.. .account; a debit card account; a 
checking account; a money market account; and/or a credit card 
account... further include: prompting the user to replenish the value upon 
the value reaching a pre- determined threshold.. .one of: a savings 
account; a debit card account; a checking account; and/or a credit 
card account.. .graphical user interface (GUI) element, a button, a 
depressible spring-based button, a compressible plastic bubble based 
button, a touch screen, a pen based interface, a GUI input field, button, 
element, etc. ..feature codes to notify the switch of the originating end 
of the call to display authenticating information to the pre-paid 
service provider switch, such as, e.g., but not limited...0090] In an 
exemplary embodiment, a method may include: prompting the user to 
authorize use of the value. According to an exemplary embodiment, user 
authorization may include, e.g., but not limited to, a validation; entry 
of a password; entry... the user, place a transaction, making a purchase, 
for example, without needing to provide their credit card number over 
the telephone. Much like an EasyPass, after a user has set up the... 
embodiment, each time the value of a customer user's account may hit a 
pre- determined threshold level, then the user may press the LDS 
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auto-key to connect to the.. .account has been depleted to a zero balance 
(due for example to expiration of a credit card being used for 
automatic replenishment), then operation may be inhibited and diagram 600 
may end... have been captured, the user may be allowed to use a value of 
promotional minutes determined by the provider of the phone device 402 
that may have been pre -provisioned on.. .0122] 1. Exemplary functions may 
include accepting and charging users account via credit card ...Tl or 
integrated services digital network (ISDN) primary rate interlace (PR1). 
An ISP can also attach to the Internet by means of a pipe or dedicated 
communications facility. A pipe can.. .it is appreciated that throughout 
the specification discussions utilizing terms such as "processing," 
"computing," "calculating," " determining ," or the like, refer to the 
action and/or processes of a computer or computing... or other indication, 
etc., which may be used to any one or more of initiate, authorize , 
authenticate , and/or validate, or the like, a fee sharing arrangement. 
According to an exemplary embodiment... 

Exemplary or Independent Claim(s): 

Non-exemplary or Dependent Claim(s): 
...further comprising: 

prompting the user to replenish the value upon said value reaching a 

pre- determined threshold... market account; 

a savings account; 

a debit card account; 

a checking account; and/or 

a credit card account... further comprises: 

prompting the user to replenish the value upon said value reaching a 

pre- determined threshold... market account; 

a savings account; 

a debit card account; 

a checking account; and/or 

a credit card account37. The method according to claim 29, 
further comprising: 

prompting the user to authorize use of said value... 

...38. The method according to claim 37, wherein said authorizing 

comprises at least one of: 

prompting the user to provide at least one of a... 
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Description of the Invention: 

...a logon message to the remote device and instantiates a profile 
transaction executor component to authenticate a customer. A navigation 
shell component notifies the remote device of the list of available... 
0030] FIGS. 5A to 5D are flow charts depicting operations of the delivery 
system in authenticating a customer... the front door man component 51 
adds a session security token to outgoing messages and verifies the 
session security token for incoming messages. For sessions with a 
CAT/CASST 16, the.. .control devices via an acquisition mechanism. Upon 
request, the session device manager component 63 first determines the 
availability and capability of the acquired device and returns the device 
reference to the client. The session device manager component 63 queries 
the peripheral device manager component 62 to determine devices 
available to the system, queries the delivery capabilities to determine 
the available remote devices and creates instances of those devices for 
use by session components. ..The crypto man component 75 manages secret 
keys associated with external service providers and performs 
authentication of public key certificates. The crypto man component 75 
holds security keys for each external. ..variable, counter, and status 
indicator. The status monitor agent monitors status instrument variables 
and events, determines if an external system management product needs 
to be notified, and sends any important "alarms.. .the initial welcome 
page to the customer and collects customer identity and preference 
information. After determining the issuer of the customer ID and 
possibly authenticating the customer, the welcome mat component 81 
instantiates several customer services objects to hold information.. .for 
issuer. The welcome mat component 81 instantiates a profile transaction 
executor component 91 to authenticate the customer and get the 
customer's relationships or customer profile. This process typically 
involves0067] The welcome mat component 81 may do four things for 
customer authentication based on acquirer rules and the type of 
customer ID, such as public key certificate, ATM card, credit card , 
on-us, or off-us. The welcome mat component 81 may provide immediate 
local authentication using public key certificates or may provide 
immediate authentication with the issuer, waiting for a response. The 
welcome mat component 81 may also provide background authentication 
with the issuer while going on to the navigation shell component 82 or 
may defer authentication to the first transaction. With deferred 
authentication , the welcome mat component 81 may need to instantiate a 
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default customer relationship component 113 and a default set of product 
types, such as checking, savings, or credit card . If a rule broker 
component 121 does not have a registered issuer for the card/CIN prefix 
number, a customer ID component 1 1 1 is instantiated and marked invalid, 
further authentication of the customer is skipped, and a navigation 
shell component 82 for invalid customers is.. .executor component 91 
validates properties of data obtained from mini-app dialog components 83 
to determine whether the required information needed to do the 
transaction exists. If the data is mis sing... card information, if a card 
was used, including the type of card, such as ATM, credit card , 
SmartCard, and tracks present and track data. The customer ID component 

111 knows the tier... identity, for instance, business code, financial 
institution identifier, and issuer type, such as bank card, credit 

card , or other third party card. The issuer component 1 12 knows the PIN 
length supported and... 

...supported, and the navigation schemes supported. The issuer component 

112 knows when or how to authenticate customer, such as by local 
validation of public key certificate, immediate to issuer, background to 

...man component 122, and welcome mat component 81. The session component 
132 sends touch point attached notification to each of the components 
and supports registration of additional session components that need... 
0098] B. Customer Authentication 

[... 

...0099] An example of the process of authenticating a customer will now 
be described with reference to FIGS. 5A to 5D and FIGS... 

...step E22, the touch point interface component 41 forwards the message to 
the appropriate session bubble based on the session ID in the session 
cookie. At step E3, the front door man.. .step E28, the welcome mat 
component 81 instantiates the profile transaction executor component 91 
for authenticating the customer and then passes the CIN and encrypted 
PIN to the transaction executor component... The delivery system 12 can 
easily support multi-media. HTML has well-known means for embedding and 
referencing a wide range of media types, for instance graphics, sounds, 
and movies. The. ..session bubble starts up normally at the CAT 16. When 
the welcome mat component 8 1 determines that this customer is 
off-region, the welcome mat component 81 makes a connection to... 
component 111 and issuer components 1 12 on the NetCAT server 200. After 
NetCAT server 200 authenticates the customer, with its own external 
service provider, the NetCAT server 200 starts up a...rule "answerer" may 
be installed or replaced independently from components which use that 
data to determine answers to rule questions. ..authorities, the rule 
engine has no specific knowledge of rules or applications. The rule 
engine determines answers for rules and is used by the rule broker 
component 121 and calls the.. .contains specific rules for dispense 
amounts and ask the peripheral device manager component 62 to determine 
what denominations are available... 
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Abstract: 

...with the present invention help to ensure that information is 
accessed and used only in 1 authorized ways, and maintain the integrity, 
availability, and/or confidentiality of the information. Such electronic 
appliances... 

Description of the Invention: 

...technologies that help to ensure that information is accessed and/or 
otherwise used only in authorized ways, and maintains the integrity, 
availability, and/or confidentiality of such information and processes 
related.. .to control the use of proprietary information. Content 
providers often need to limit use to authorized activities and amounts. 
Participants in a business model involving, for example, provision of 
movies and... 

...discs may include actors, directors, script and other writers, 
musicians, studios, publishers, distributors, retailers, advertisers, 
credit card services, and content end-users. These participants need 
the ability to embody their range of. .distributors have devised a number 
of limited function rights protection mechanisms to protect their rights. 
Authorization passwords and protocols, license servers, "lock/unlock" 
distribution methods, and non-electronic contractual limitations imposed 
...in electronic information. It can, for example, help ensure that 
information is used only in authorized ways...information-the present 
invention can, for example, help ensure that data is used only in 
authorized ways. ..0034] (b) ensure that content is used only in 
authorized ways; and.. .all content creators, providers, and users to 
employ the same electronic rights protection solution. Under authorized 
circumstances, the participants can freely exchange content and 
associated content control sets. This means that.. .can enable control of 
content use such as displaying, encrypting, decrypting, printing, 
copying, saving, extracting, embedding , distributing, auditing usage, 
etc. The secure subsystem in the preferred embodiment comprises one or 
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more. ..01 17] (7) Secure communications means employing authentication , 
digital ...encrypted transmissions. The secure subsystems at said user 
nodes utilize a protocol that establishes and authenticates each node's 
and/or participant's identity, and establishes one or more secure host... 
parties can trust that such information cannot be received by anyone 
other than the intended, authorized , party(ies) because it is encrypted 
such that only an authorized party, or her agents, can decrypt it. Such 
information may also be derived through a...s usage control information, 
for example, provide for property content and/or appliance related: usage 
authorization , usage auditing ( which may include audit reduction), 
usage billing, usage payment, privacy filtering, reporting, and.. .by 
certain VDE participant control information that assesses whether certain 
other electronic terms and conditions attached to content and/or 
submitted by another party are acceptable (do not violate acceptable 
control.. .e.g. in the form of a method) might specify that sufficient 
credit from an authorized source must be confirmed as available. It 
might further require certain one or more load modules execute as 
processes. ..such as RSA to protect communications and to provide the 
benefits of digital signature and authentication to securely bind 
together the nodes of a VDE arrangement, secure processing of important 
transaction.. .upon historical usage variables, and (d) reporting to users 
in a manner enabling users to determine whether a certain item was 
acquired, or acquired within a certain time period (without requiring... 

...that a content and/or appliance provider and/or controller of an 
administrative activity can determine whether a certain activity has 
occurred at some point, or during a certain period, in... 

...past (for example, certain use of a commercial electronic content 
product and/or appliance). Such determinations can then be used as part 
of pricing and/or control strategies of a content...secure subsystem 
(such as the presence of a sufficient quantity of financial credit from 
an authorized credit provider), at least some travelling object content 
may be used by a receiving party.. .of a VDE API and/or a transaction 
management (for example, ROS based) programming language embeds VDE 
"awareness" into commercial or internal software (application programs, 
games, etc.) so that VDE user... Such control information can continue to 
manage usage of container content if the container is " embedded " into 
another VDE managed object, such as an object which contains plural 
embedded VDE containers, each of which contains content derived 
(extracted) from a different source... 

...price for electronic documents that the user is willing to pay without 
prior express user authorization , and the user establishing the 
character of metering information he or she is willing to...Handlers in a 
pathway of handling of content control information, to the extent each is 
authorized , can establish, modify, and/or contribute to, permission, 
auditing, payment, and reporting control information related... content 
container is "evolving" as it securely (e.g. communicated in encrypted 
form and using authentication and digital signaturing techniques) 
passes, at least in part, to a new participant's VDE... Proposed control 
information is used to an extent allowed by senior control information 
and as determined by any negotiation trade-offs that satisfy priorities 
stipulated by each set (the received set... 

...to content providers. Such control information and/or overall control 
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models may be applied, as determined or allowed by control information, 
in differing manners to different participants in a pathway of...0203] 
(d) append extracted content to a pre-existing VDE content container 
object and attach associated control information-in these cases, user 
added information may be secured, e.g., encrypted...code such as load 
modules) for each of various of said portions by, for example, embedding 
some or all of such portions individually as VDE content container 
objects within an overall VDE content container and/or embedding some 
or all of such portions directly into a VDE content container. In the 
latter... 

...such portions based upon said portions original control information 
requirements before aggregation. Each of such embedded VDE content 
containers may have its own control information in the form of one or... 
of the secure subsystem and/or VDE controlled content by uncovering one 
or more keys). Determining whether irregular patterns (e.g. unusually 
high demand) of content usage, or requests for delivery... 

...of related users whose aggregate pattern of usage is suspicious) may 
also be useful in determining whether security at such one or ...usage 
information this information can be provided to content providers or 
other parties, through secure, authenticated encrypted communication to 
the VDE installation secure subsystems. Clearinghouse processing means 
would normally be connected.. .available only under certain strict 
circumstances, such as a court order (which may itself require 
authorization through the use of a court controlled VDE installation 
that may be required to securely... 

...02 14] support (ingerprinting,(also known as watermarking) for 
embedding in content such that when content protected under the present 
invention is released in clear... 

...the user and/or VDE installation responsible for transforming the 
content into clear form is embedded into the released content. 
Fingerprinting is useful in providing an ability to identify who 
extracted... 

...its contents. Since the identity of the user and/or other identifying 
information may be embedded in an obscure or generally concealed 
manner, in VDE container content and/or control information, potential 
copyright violators may be deterred from unauthorized extraction or 
copying. Fingerprinting normally is embedded into unencrypted 
electronic content or control information, though it can be embedded 
into encrypted content and later placed in unencrypted content in a 
secure VDE installation sub... fingerprint information can be inserted, 
and then the content can be re-encrypted for transmission. Embedding 
identification information of the intended recipient user and/or VDE 
installation into content as it... 

...the security of a VDE installation or the delivered content. If a party 
produces an authorized clear form copy of VDE controlled content, 
including making unauthorized copies of an authorized clear form copy, 
fingerprint information would point back to that individual and/or his or 


...parties electronic information. Fingerprint information identifying a 
receiving party and/or VDE installation can be embedded into a VDE 
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object before, or during, decryption, replication, or communication of 
VDE content objects.. .0215] provide smart object agents that can carry 
requests, data, and/or methods, including budgets, authorizations , 
credit or currency, and content. For example, smart objects may travel to 
and/or from.. .or resources such as information resources, language or 
format translation, processing, credil (or additional credit) 
authorization , etc. Resources include reference databases, networks, 
high powered or specialized computing resources (the smart object... 
methods and/or assemblies. This feature preferably employs artificial 
intelligence capabilities to analyze and automatically determine , 
and/or assist one or more users to determine , the proper order and 
relationship between the library elements corresponding to the chosen 
methods and.. .to the extent commercially practical, to be as tamper 
resistant as reasonable. As another example, embedding a VDE hardware 
module into an I/O peripheral may have certain advantages from the. ..key 
and/or budget refresh information to the clearinghouse, which information 
can be necessary to authorize use of the clearinghouse's credit for 
usage of the provider's content and which... 

...time aged keys has a similar impact as failing to refresh budgets or 
time-aged authorizations . 

[...easily retrieved and/or analyzed. Because of the VDE security, 
including use of effective encryption, authentication , digital 
signaturing, and secure database structures, the records contained within 
a VDE card arrangement may.. .card, in said docking station, in an 
associated electronic appliance, and/or other device operatively 
attached thereto, and/or remotely, such as at a remote server site. A 
card's data0220] support certification processes that ensure authorized 
interoperability between various VDE installations so as to prevent VDE 
arrangements and/or installations that... 

...as well as VDE users. Certification data can also serve as information 
that contributes to determining the decommissioning or other change 
related to VDE sites. ..provided in secure form using VDE installation 
secure sub-system managed communications (including, for example, 
authenticating the deliverer of at least in part enciypted control 
information) between such not directly participating. ..securely utilized, 
within a secure subsystem. Since VDE also employs secure (e.g. encrypted 
and authenticated ) communications when passing information ... 
communications, and access to VDE node (VDE installation) secure 
subsystems. Physical facility and user identity authentication security 
procedures may be used instead of hardware SPUs at certain nodes, such as 
at... within the security limitations of a given VDE security 
implementation design). This control information can determine , for 
example...0344] FIGS. 57A and 57B show examples of EXTRACT and EMBED 
methods., .an example of how different keys may be generated using a key 
convolution process to determine a "true" key... program, she cannot 
watch or copy the program unless she has "rules and controls" that 
authorize use of the program. She can use the program only as permitted 
by the "rules... means to be delivered separately. For example, the 
content user 112 may have a virtual " credit card " that extends credit 
(up to a certain limit) to pay for usage of any content... 

...can take place at the user's site without requiring any "online" 
connection or further authorization . This invention can be used to help 
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securely protect the virtual " credit card " against unauthorized use 
0412] The "events process" 402 detects things that happen ("events") and 
determines which of those "events" need action by the other 
"processes." The "events" may include, for...0420] Billing process 406 
determines how much to charge for events. It records and reports payment 
information...510. SPU "firmware" 508 in this example is "software" such 
as a "computer program(s)" " embedded " within chip 504. Firmware 508 
makes the hardware 506 work. Hardware 506 preferably contains a... 

...0436] The particular context in which SPU 500 is being used will 
determine how much processing capabilities SPU 500 should have SPU 
hardware 506, in ...0445] a "small" credit card . 

[...604 are "event driven." Rather than repeatedly examining the state 
of electronic appliance 600 to determine whether a condition has 
arisen, the "rights operating system functions" 604 may respond directly 
to. ..is also used for managing encrypted and/or otherwise secured 
communication (such as by employing authentication and/or 
error- correction validation of information). SPU 500 may also perform 
secure data management.. .tampering is detected, further modules providing 
additional security protections such as requiring password or other 
authentication to operate; and the like. In addition, further layers of 
metal may be added to... 

...addressing and refresh circuitry that "shuffles" the location of bits to 
complicate efforts to electrically determine the value of memory 
locations. These and other techniques may contribute to the security of 
...may be compared to a controlled RTC 528 output time under control of 
the party authorized to be "senior" and controlling. In the event of a 
discrepancy, appropriate action may be. ..is preferable that an extremely 
secure encryption/decryption technique be used as an aspect of 
authenticating the identity of electronic appliances 600 that are 
establishing a communication channel and securing any.. .performing 
pattern matching functions. One of the functions SPU 500 may perform is 
to validate/ authenticate VDE objects 300 and other items. Validation/ 
authentication often involves comparing long data strings to determine 
whether they compare in a predetermined way. In addition, certain forms 
of usage (such as. ..500. Such sequences may be used, for example, in 
private headers to frustrate efforts to determine an encryption key 
through cryptoanalysis.. .dispatcher) may be loaded in ROM 532 along with 
additional load modules that have been determined to be required for 
specific installations or applications... 

Exemplary or Independent Claim(s): 

Non-exemplary or Dependent Claim(s): 

...selected from the group consisting of: a condition relating to 
availability of credit from an authorized source; a condition 
relating to execution of one or more load modules within a predefined 
...uses is selected from the group consisting of: displaying, 
encrypting, decrypting, printing, copying, saving, extracting, 
embedding , distributing, and auditing usage of the piece of 
electronic content... and/or prohibited uses is selected from the 
group consisting of: displaying, printing, saving, extracting, 
embedding , and auditing usage of the piece of electronic content... 
selected from the group consisting of: a condition relating to 
availability of credit from an authorized source; a condition 
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relating to execution of one or more load modules within a predefined 
...of the permitted uses is selected from the group consisting of: 
displaying, printing, saving, extracting, embedding , and auditing 
usage of the piece of electronic content...selected from the group 
consisting of: a condition relating to availability of credit from an 
authorized source; a condition relating to execution of one or more 
load modules within a predefined... 
...and/or prohibited uses is selected from the group consisting of: 

displaying, printing, saving, extracting, embedding , and auditing 
usage of the piece of electronic content... selected from the group 
consisting of: a condition relating to availability of credit from an 
authorized source; a condition relating to execution of one or more 
load modules within a predefined.. .and/or prohibited usages is 
selected from the group consisting of: displaying, printing, saving, 
extracting, embedding , and auditing usage of the piece of 
electronic content.. .selected from the group consisting of: a 
condition relating to availability of credit from an authorized 
source; a condition relating to execution of one or more load modules 
within a predefined... 

...and/or prohibited usages is selected from the group consisting of: 
displaying, printing, saving, extracting, embedding, and auditing 
usage of the piece of electronic content...selected from the group 
consisting of: a condition relating to availability of credit from an 
authorized source; a condition relating to execution of one or more 
load modules within a predefined... 

...of the permitted uses is selected from the group consisting of: 

displaying, printing, saving, extracting, embedding , and auditing 
usage of the piece of electronic content...selected from the group 
consisting of: a condition relating to availability of credit from an 
authorized source; a condition relating to execution of one or more 
load modules within a predefined... 

...and or prohibited usages is selected from the group consisting of: 
displaying, printing, saving, extracting, embedding , and auditing 
usage of the piece of electronic content., .selected from the group 
consisting of: a condition relating to availability of credit from an 
authorized source; a condition relating to execution of one or more 
load modules within a predefined... 

...of the permitted uses is selected from the group consisting of: 

displaying, printing, saving, extracting, embedding , and auditing 
usage of the piece of electronic content. 
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Summary of the Invention: 

...00 1 7] "Bedoop." That might be the same sound when that same someone 
places their credit card in front of their desktop camera. Instantly, 
the product displayed on the web page is... 

...a secure purchase link is initiated, transmitting all requisite 
information to the vendor. Twist the credit card clockwise and the 
purchaser chooses overnight delivery.. .and the information more visually 
overt and/or pre-existing (i.e., not "pro-activcly" embedded , or it 
might not even be "digital," per se). Different implementation 
considerations attach to these variants. Likewise, though the bulk of 
this disclosure concentrates on objects which have some form of digital 
message attached thereto, some aspects of the technology may apply to 
objects which have no such thing. ..003 1] According to another aspect, a 
method of determining consumer response to print advertising comprises: 
(a) encoding a first print advertisement with first data... 

...with said advertisements; (d) monitoring linking traffic due to each of 
said identifiers to thereby determine consumer response to the 
advertisements submitting at least some of said decoded data to a remote 
computer; and (e) determining at the remote computer whether a prize 
should be awarded in response to submission of... 

Description of the Invention: 

...0057] FIG. 16 shows use of binocular processing to determine 
certain object attributes. ..computer 1 14 detects the presence of Bedoop 
data and successfully decodes same, it issues a confirmation tone 
("be-doop") from a speaker or other audio transducer 122. The computer 
then adds... the sensor until the decoder succeeds in decoding the 
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steganographically encoded data and issues a confirming "Bedoop" audio 
signal.. .0096] Characteristic markings on the object (as discussed below 
in connection with determining object orientation) can also be sensed 
and used in locating the object... 

...0098] The next step in the decoding process, determining orientation 
of the Bedoop data, can likewise be discerned by reference to visual 
clues. For... 

...graticule data, or other calibration data, steganographically encoded 
with the Bedoop data to aid in determining orientation. Others can 
employ overt markings, either placed for that sole purpose (e.g. ... 
0100] (In some arrangements, the step of determining the orientation 
can be omitted. Business card readers, for example, produce data that is 
reliably. ..relational state of the image data can be ignored). In still 
other embodiments, the orientation- determining step can be omitted 
because the decoding can readily proceed without this information. For 
example. ..e.g., error detecting codes can be included in the Bedoop 
payload and checked to confirm correspondence with the other Bedoop 
payload. Likewise, the system can confirm that the same Bedoop data is 
present in different tiled exceipts within the image data.. .used in 
identifying the server computer that will respond to the Bedoop data. The 
UID determines precisely what response should be provided...and the 
web-display is then customized, the address of the web site is typically 
determined by the card vendor. But this need not be the case. Likewise, 
the card need... 

...Bedoop data on the card can be similarly customized. Instead of leading 
to a site determined by the card vendor, the data can lead to the 
sender's personal web page0145] For security purposes, the access code 
is not embedded using standard Bedoop techniques. Instead, a 
non-standard format (typically steganographic) is employed. The 
embedding of this access code can span the entire face of the card, or 
can be... 

...door lock, the candidate presents the badge to an optical sensor device, 
which reads the embedded building access code, checks it for 
authenticity and, if the candidate arrived within the permitted., .and 
optionally checking the door log to see that a person of that name was 
authorized to enter and did so), the security guard can let the 
candidate pass. ..over the web. The user can print an access ticket that 
has an entry code embedded therein. On arriving at the theater or 
event, the user presents the ticket to an optical scanning device, which 
decodes the entry code, checks the validity of same, authorizes the 
entry, and marks that entry code as having been used (preventing multiple 
uses of.. .applications, or without such aids), captures optical data, and 
decodes same to extract the steganographically- embedded data hidden 
therein. The access control system then checks whether the badge ID 
discerned from.. .of a different individual. If the photo is swapped, the 
proximity system ID and the embedded photo data will not match, 
llagging an unauthorized attempted access.. .The basic physics and very 
low level analog electronic operation of inkjet printers (sometimes 
termed bubble -jet printers) are ideally suited to support 
very-light-tint background digital watermarking on any...0164] In 
another example, the UID field serves an authentication purpose, e.g., 
to verify that the printed medium actually was printed at a particular 
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place, or by a particular.. .label can be provided and encoded) with 
electronic payment information, such as the customer's credit card 
number, or the number of a debit account maintained by the coffee 
merchant for that... 

...security reasons, the system may be arranged so that the mug cannot be 
used to authorize more than, say $5 of coffee drink purchases per day 
...0187] On sensing a Bedoop-encoded object, the elevator can determine 
-among other data-the floor on which the wearer's office is located. The 
system.. .only in response to Bedoop data (which may thus be regarded as a 
form of authentication or password data... Some users may carry several 
differently-encoded cards, each with a different level of access 
authorization (e.g., with different UIDs). Thus, some cards may access a 
biographical page without any... in the database record, the card giver 
can use a special card that conveys write- authorization privileges. 
This special card can be a specially encoded version of the business 
card, or.. .0207] A Bedoop system can determine the scale state, 
rotation state, X-Y offset, and differential scale state, of an object by 
reference to embedded calibration data, or other techniques. If the 
scan device operates at a suitably high frame.. .the Bedoop data in a 
known manner. (Such bits may convey, e.g., profile data, credit card 
data, etc.) The appended data field, in turn, may include one or more 
bits signaling.. .of a Bedoop sensor, a user can request renewal of the 
driver's license, and authorize payment of the corresponding fee...the 
Department of Motor vehicles, another government entity, a private 
entity, or by the traveler), authenticating the operation by presenting 
Bedoop data encoded on the license, and obtain information that the 
person has pre-approved for release in response to such authorized 
access. This information can include e-mail account and password 
information. Using this information, the 

Exemplary or Independent Claim(s): 
...comprising: 

at a first computer, receiving from a first device a first content 
identifier previously determined through a first type of operation; 
at said first computer, receiving from a second device a second 
content identifier previously determined through a second type of 
operation different than the first; 
from said first computer, forwarding... 
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Summary of the Invention: 

...component 81 may provide immediate local authentication using public 
key certificates or may provide immediate authentication with the 
issuer, waiting for a response. The welcome mat component 81 may also 
provide background authentication with the issuer while going on to the 
navigation shell component 82 or may defer authentication to the first 
transaction. With deferred authentication , the welcome mat component 81 
may need to instantiate a default customer relationship component 113 and 
a default set of product types, such as checking, savings, or credit 
card . If a rule broker component 121 does not have a registered issuer 
for the card/CIN prefix number, a customer ID component 1 1 1 is 
instantiated and marked invalid, further authentication of the customer 
is skipped, and a navigation shell component 82 for invalid customers is 
...executor component 91 validates properties of data obtained from 
mini-app dialog components 83 to determine whether the required 
information needed to do the transaction exists. If the data is missing 
...card information, if a card was used, including the type of card, such 
as ATM, credit card , SmartCard, and tracks present and track data. 
The customer ID component 1 1 1 knows the tier... 

...identity, for instance, business code, financial institution identifier, 
and issuer type, such as bank card, credit card , or other third party 
card. The issuer component 1 12 knows the PIN length supported and... 
supported, and the navigation schemes supported. The issuer component 1 12 
knows when or how to authenticate customer, such as by local validation 
of public key certificate, immediate to issuer, background to. ..man 
component 122, and welcome mat component 81. The session component 132 
sends touch point attached notification to each of the components and 
supports registration of additional session components thatneed...0099] 
B. Customer Authentication 

[... 

...0100] An example of the process of authenticating a customer will now 
be described with reference ...step E22, the touch point interface 
component 41 forwards the message to the appropriate session bubble 
based on the session ID in the session cookie. At step E3, the front 
doorman... 
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...step E28, the welcome mat component 81 instantiates the profile 
transaction executor component 91 for authenticating the customer and 
then passes the CIN and encrypted PIN to the transaction executor 
component... The delivery system 12 can easily support multi-media HTML 
has well-known means for embedding and referencing a wide range of 
media types, for instance graphics, sounds, and movies. Thc.session 
bubble starts up normally at the CAT 16. When the welcome mat component 
81 determines that this customer is off-region, the welcome mat 
component 81 makes a connection to... 

...component 111 and issuer components 1 12 on the NetCAT server 200. After 
NetCAT server 200 authenticates the customer, with its own external 
service provider, the NetCAT server 200 starts up a.. .rule "answerer" may 
be installed or replaced independently from components which use that 
data to determine answers to rule questions. ..authorities, the rule 
engine has no specific knowledge of rules or applications. The rule 
engine determines answers for rules and is used by the rule broker 
component 121 and calls the. ..contains specific rules for dispense 
amounts and ask the peripheral device manager component 62 to determine 
what denominations are available... 

Description of the Drawings: 
...003 1] FIGS. 5A to 5D are flow charts depicting operations of the 
delivery system in authenticating a customer... 
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Summary of the Invention: 

...rates. Examples of conventional microvalves include electostatic 
valves, diaphragm valves, MEMS-based mechanical slides, and bubble - 
based valves. Fluidic connectors are required to either interconnect the 
various elements of a micro fluidic system... of a convenient handling size 
of about 50 mmX90 mm (about the size of a credit card ) and about 1 mm 
in thickness. The components are fabricated using any of the various a 
piezoelectric device, a diaphragm type pump or a bubble - based 
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micropump. The microchannel is 50-500 micron wide and 5-250 micron deep. 
The reservoirs... 

Exemplary or Independent Claim(s): 
Non-exemplary or Dependent Claim(s): 

...additional system settings; plotting the flow pressure vs. flow rate 
from the collected measurements; and 
determining the characteristics of one of said plurality of 
microfluidic systems. 
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Description of the Drawings: 

...0180]FIG. 165 illustrates the print roll authentication chip... 
...0181JFIG. 166 illustrates an enlarged view of the print roll 

authentication chip... 

...0182]FIG. 167 illustrates a single authentication chip data protocol 


...0183]FIG. 168 illustrates a dual authentication chip data protocol... 

...0196]FIG. 181 illustrates a schematic block diagram of the 
authentication chip... 

...021 8]FIG. 203 sets out the information stored on the print roll 
authentication chip... 

...0219]FIG. 204 illustrates the data stored within the Artcam 
authorization chip... 

Description of the Invention: 

...0275] 22. Reading and storing information in a printing roll 
authentication chip 53... 


Priority 


AU 977987 
AU 977991 


19970715 
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...0276] 23. Reading and storing information in a camera authentication 
chip 54... 

...0287] Print Roll Authentication Chip 53... 

...0289] The authentication chip also provides other features... 

...0292] 3. Authentication Information to prevent inferior clone print 
roll copies... 

...0293] The authentication chip 53 contains 1024 bits of Flash memory, 
of which 128 bits is an authentication key, and 512 bits is the 
authentication information. Also included is an encryption circuit to 
ensure that the authentication key cannot be accessed directly... 

...Artcard 9 is a piece of thin white plastic with the same format as a 
credit card (86 mm long by 54 mm wide). The Artcard is printed on both 
sides using... 

...color (red green) LED. When the card is successfully read, and data 
integrity has been verified , the LED lights up green continually. If 
the card is faulty, then the LED lights... 

...0342] Camera Authentication Chip... 

...0343] The camera authentication chip 54 is identical to the print 
roll authentication chip 53, except that it has different information 
stored in it. The camera authentication chip 54 has three main purposes 


...0344] 1 . To provide a secure means of comparing authentication codes 
with the print roll authentication chip... 

...display 5 is a full motion image display which operates as a viewfmder, 
as a verification of the image to be printed, and as a user interface 
display. The cost of... 16 groups must be a contiguous set of cache lines. 
The CPU is responsible for determining how many cache lines to allocate 
to each group. Within each group cache lines are... 

...0440] Authentication Chip Serial Interfaces 64... 

...them. The reason for having 2 ports is to connect to both the on-camera 
Authentication chip, and to the print-roll Authentication chip using 
separate lines. Only using 1 line may make it possible for a clone 
print-roll manufacturer to design a chip which, instead of generating an 
authentication code, tricks the camera into using the code generated by 
the authentication chip in the camera... 

...g 178 contains a 4 bit Synchronization Register 197. It is a mask used 
to determine which PUs e.g 178 work together, and has one bit set for 
each of... 

...e.g 178 status bits to update the Common Status Register 200. The 
microcode for determining the output status bit takes the following 
form... 


EIC3600 SEARCH RESULTS 


164 


5/6/2009 


...block. The status select bit (choosing Zero or Negative) is passed into 
all units to determine which bit is to be output onto the status bit 
bus... 

...test a status bit from the Common Status Register 200 and branch. The 
microcode for determining the next execution address takes the 
following form... 

...one of Out[sub]l or Out[sub]2 to one of the output FIFOs attached to 
the ALU 188. Finally, both registers are available as inputs to Crossbar 1 
213, which... set of registers for that are used to control address 
generation. The addressing mode also determines how the data is 
formatted and sent into the local Input FIFO, and how data... 

...0545] The 4 bit Address Mode Register is used to determine the 
Iterator type... 

...0547] The Flags register (AccessSpeciiic[sub] 1 ) contains a number of 
flags used to determine factors affecting the reading and writing of 
data. The Flags register has the following composition... 

...0565] BoxOffset: This special purpose register is used to determine a 
sub-sampling in terms of which input pixels will be used as the center... 

...coordinate. It would access the input image pixels according to this 
mapping, and coherence is determined by having sufficient cache lines 
on the 'random-access' reader for the input image. The... 

...or 2 bytes) per data element. The 4 bit Address Mode Register is used to 
determine the I/O type... 

...lookup section. The Flags register (AccessSpecific[sub]l) contains a 
number of flags used to determine factors affecting the reading (and in 
one case, writing) of data. The Flags register has... 

...0585] This mode is described in the DRAM FIFO section below. The 
DataSize flag determines whether the size of each data elements of the 
table is 8 or 16 bits... 

...the index is completely ignored. If the index is out of bounds, the 
DuplicateEdge flag determines whether the edge pixel or ConstantPixel 
is returned. The address generation is straightforward... 

...and Table[Int(X)+l]. If either index is out of bounds the DuplicateEdge 
flag determines whether the edge pixel or ConstantPixel is returned. 
Address generation is the same as Direct.. .0767] Phase 2. Once the data 
area has been determined , the main read process begins, placing pixel 
data from the CCD into an "Artcard data.. .each of the 3 cases of interest 
in the FIFO, S2StartPixel can be used to determine the start of the 
black area of a target (Cases 1 and 2), and also... 

...0802] This phase of processing is to determine a mathematical line 
that passes through the center of as many targets as possible. The... 

...to do so (see below), and lowering complexity makes testing easier. It 
is necessary to determine the line between targets 0 and 1 (if both 
targets are considered valid) and then determine how many targets fall 


EIC3600 SEARCH RESULTS 


165 


5/6/2009 


on this line. Then we determine the line between targets 0 and 2, and 
repeat the process. Eventually we do the... 

...0806] As illustrated in FIG. 34, in the algorithm above, to determine 
a CurrentLine 260 from Target A 261 and target B, it is necessary to 
calculate... 

...N on the line, and if it falls within the tolerance, then TargetN is 
determined to be on the line... 

...it is incremented from -1 to 0 (see Step 0 Phase 1). The CurrentColumn 
register determines when to terminate the read process (when reaching 
maxColumns), and also is used to advance... 

...have been written to the byte (once every 8 dot columns). The lower 3 
bits determine what bit we're up to within the current byte. It will be 
the same... 

...we need to read a [capital Delta, Greek]row and [capital Delta, 
Greek] column to determine the change to the centroid. The read process 
takes 5% of the bandwidth and 2... 

...0846] Once the centroid has been determined , the pixels around the 
centroid need to be examined to detect the status of the... 

...0870] Once the 20 bit 5 pixel expected value has been determined it 
can be compared against the actual pixels read. This can proceed by 
subtracting the... 
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Main Patent US 5933816 A 19990803 US 97908413 19970807 
Provisional US 60-29209 19961031 


Fulltext Word Count: 19113 

Summary of the Invention: 

...a logon message to the remote device and instantiates a profile 
transaction executor component to authenticate a customer. A navigation 
shell component notifies the remote device of the list of available... 

Description of the Drawings: 
...FIGS. 5A to 5D are flow charts depicting operations of the delivery 
system in authenticating a customer... 

Description of the Invention: 

...the front door man component 5 1 adds a session security token to 
outgoing messages and verifies the session security token for incoming 
messages. For sessions with a CAT/CASST 16, the... 

...control devices via an acquisition mechanism. Upon request, the session 
device manager component 63 first determines the availability and 
capability of the acquired device and returns the device reference to the 
client. The session device manager component 63 queries the peripheral 
device manager component 62 to determine devices available to the 
system, queries the delivery capabilities to determine the available 
remote devices and creates instances of those devices for use by session 
components... 

...The crypto man component 75 manages secret keys associated with external 
service providers and performs authentication of public key 
certificates. The crypto man component 75 holds security keys for each 
external... 

...variable, counter, and status indicator. The status monitor agent 
monitors status instrument variables and events, determines if an 
external system management product needs to be notified, and sends any 
important "alarms... 

...the initial welcome page to the customer and collects customer identity 
and preference information. After determining the issuer of the 
customer ID and possibly authenticating the customer, the welcome mat 
component 81 instantiates several customer services objects to hold 
information... 

...for issuer. The welcome mat component 81 instantiates a profile 
transaction executor component 91 to authenticate the customer and get 
the customer's relationships or customer profile. This process typically 
involves... 

...The welcome mat component 81 may do four things for customer 
authentication based on acquirer rules and the type of customer ID, such 
as public key certificate, ATM card, credit card , on-us, or off-us. 
The welcome mat component 81 may provide immediate local authentication 
using public key certificates or may provide immediate 1 authentication 


EIC3600 SEARCH RESULTS 


167 


5/6/2009 


with the issuer, waiting for a response. The welcome mat component 81 may 
also provide background authentication with the issuer while going on 
to the navigation shell component 82 or may defer authentication to the 
first transaction. With deferred authentication , the welcome mat 
component 81 may need to instantiate a default customer relationship 
component 113 and a default set of product types, such as checking, 
savings, or credit card . If a rule broker component 121 does not have 
a registered issuer for the card/CIN prefix number, a customer ID 
component 1 1 1 is instantiated and marked invalid, further authentication 
of the customer is skipped, and a navigation shell component 82 for 
invalid customers is. ..executor component 91 validates properties of data 
obtained from mini-app dialog components 83 to determine whether the 
required information needed to do the transaction exists. If the data is 
missing... 

...card information, if a card w as used, including the type of card, such 
as ATM, credit card , SmartCard, and tracks present and track data. 
The customer ID component ! i ! knows the tier... 

...identity, for instance, business code, financial institution identifier, 
and issuer type, such as bank card, credit card , or other third party 
card. The issuer component 1 12 knows the PIN length supported and... 

...supported, and the navigation schemes supported. The issuer component 
1 12 knows when or how to authenticate customer, such as by local 
validation of public key certificate, immediate to issuer, background to 


...man component 122, and welcome mat component 81. The session component 
132 sends touch point attached notification to each of the components 
and supports registration of additional session components that need... 

...B. Customer Authentication 


...An example of the process of authenticating a customer will now be 
described with reference to FIGS. 5A to 5D and FIGS... 

...step E22, the touch point interface component 41 forwards the message to 
the appropriate session bubble based on the session ID in the session 
cookie. At step E3, the front door man... 

...step E28, the welcome mat component 81 instantiates the profile 
transaction executor component 91 for authenticating the customer and 
then passes the CIN and encrypted PIN to the transaction executor 
component... The delivery system 12 can easily support multi-media. HTML 
has well-known means for embedding and referencing a wide range of 
media types, for instance graphics, sounds, and movies. The... 

...session bubble starts up normally at the CAT 16. When the welcome mat 
component 81 determines that this customer is off-region, the welcome 
mat component 81 makes a connection to... 

...component 111 and issuer components 1 12 on the NetCAT server 200. After 
NetCAT server 200 authenticates the customer, with its own external 
service provider, the NetCAT server 200 starts up a... 
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...rule "answerer" may be installed or replaced independently from 
components which use that data to determine answers to rule questions 


...authorities, the rule engine has no specific knowledge of rules or 
applications. The rule engine determines answers for rules and is used 
by the rule broker component 121 and calls the... 

...contains specific rules for dispense amounts and ask the peripheral 
device manager component 62 to determine what denominations are 
available... 

Exemplary or Independent Claim(s): 
Non-exemplary or Dependent Claim(s): 

...man component for adding security tokens to messages sent to the 
remote device and for verifying security tokens on messages 
received from the remote device... 

...forth in claim 17, wherein the welcome mat component instantiates a 
profile transaction executor to authenticate the customer... 

...the welcome mat component a profile transaction executor component, the 
profile transaction executor component for authenticating a 
customer... 

...tokens on messages sent to the remote device with the front door man 
component, and verifying with the front door man component the 
security tokens on messages received from the remote... 
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...ABSTRACT: would like their financial transactions to be secure. This 
could be accomplished with hiomotric idem i Tiers embedded in credit 
cards . However, there is much debate about a national II) card with 
biometric identifier . Society will constantly have to weight security 
versus privacy with freedom being impacted no matter... 
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Assignee Code: 68000 
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US 20020091646 Al 20020711 US 2001986218 20011022 
Priority Applic: US 2001986218 20011022 

Provisional Applic: US 60-245768 20001103 

Exemplary Claim: 

...merchant server over a computer network, the process comprising: (a) 
collecting credit card information and identification information at a 
designated identifier ; (b) transmitting the collected credit card 
information to an authentication server connected to a computer 
network; (c) performing an identification transaction wherein the 
authentication server determines whether the cardholder is authorized 
to use the credit card and, if so, the authentication server 
issues a code temporarily binding the identity of an individual 
possessing the code, the... 

...the identification transaction including the credit card information, 
the code, and the identity of the credit cardholder on the 
authentication server sending the code to the identifier and 
cardholder; (e) entering the credit card information... 

...cardholder's computer to the authentication server over a computer 
network; (f) comparing on the authentication server the credit card 
information and code submitted from the cardholder's computer to the 
credit card information and... 

...certificate as payment; and (i) the merchant web server validating the 
digital certificate from the authentication web server before 
authorizing the credit card purchase transaction. 

Non-exemplary Claims: 

...computer network, the process comprising: (a) reading a credit card 
containing information at a designated identifier ; (b) performing an 
identification transaction wherein the identifier determines whether 
the cardholder is authorized to use the credit card and, if so, an 
authentication server issues a code temporarily binding the identity 
of an individual possessing both the code... 

...the identification transaction including the credit card information, 
the code, and the identity of the credit cardholder on an 
authentication server connected to a computer network; (d) submitting 
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the credit card information and the code... 
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une somme d'argent predeterminee et methode de traitement de la carte 
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ABSTRACT WORD COUNT: 10262 

NOTE: 

Figure number on first page: 1 

LANGUAGE (Publication,Procedural,Application): English; English; English 

FULLTEXT AVAILABILITY: 

Available Text Language Update Word Count 

CLAIMS H (English) 200349 3873 
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CLAIMS B (French) 200349 4322 

SPECB (English) 200349 5171 
Total word count - document A 0 
Total word count - document B 1 6745 
Total word count - documents A + B 1 6745 

...CLAIMS 5, 51, 52, 53, S211) for generating data of transaction including 
a transaction ID, a card IC, an authorized value serial number, 
an amount of the transaction and data in accordance with the contents 
of... 

...computer at predetermined time, and 
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means (5, 51, 52, 53, S304, 5305) for checking whether or not the 
transaction ID , the card ID and the authorized value serial number 
in data of the transaction are... 
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LANGUAGE (Publication,Procedural,Application): English; English; English 

FULLTEXT AVAILABILITY: 

Available Text Language Update Word Count 
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...SPECIFICATION would be stored in the table at the next level, namely 
Table 1, as shown in Figure 2. 

Each customer is issued a PIN and a bank card on which is 
recorded a user identifier ID , a unique secret personal key KP, 
and other information including information that allows a verification 
value V... 

...function of PIN, KP, ID, and KGbl as described above, and is calculated 
via Equations 1 and 2. In the example given in Figure 2 where n = 
3, the other information stored on the bank card necessary to allow a 
verification value V to be calculated would consist of a 56-bit value 
selected from each... 
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DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR 

KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD 

SE SG SI SK SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW 

(EP) AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE 

(OA) BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW MZ SD SL SZ TZ UG ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 4493 

Fulltext Availability: 
Detailed Description 

Detailed Description 

... reader device, in addition to which the user can be asked to enter a 
personal identifier , such as an identification number only known to 
the user, to confirm the user's rights. The bank card is meant for 
the user's personal use only, and it aims at identifying the... 
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E/ Promoting savings by facilitating incremental commitments made with 
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credit card and other consumer-initiated transactions 
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Fulltext Word Count: 8265 

Description of the Invention: 

...herein, "purchase" may include outright purchases as well as 
rentals, leases, and so on. The authorization 1 10 includes a credit 
card number, smart card identifier (possibly including digital 
signatures and/or keys), checking account number, or other means 
identifying... 

...merchant electronically, the merchant will generally use its own 
computing system 1 14 to verify the authorization 1 10. For instance, a 
credit card transaction 116 typically involves communications between 
the computing system 1 14 and a computing system 1 15...systems of FIGS. 1 
and 2, but includes a separate mapping feature 300 which converts 
authorization source identifiers (e.g., credit card numbers or smart 
card identifiers) into corresponding savings vehicle identifiers (e.g., 
bank name and... 

...200 simply directs the specified funds to the mapping entity 300 with 
the authorization source identifier and/or the consumer's 
identification . Then the mapping entity 300 follows through with the 
savings vehicle provider 106 to make... 

...information provided in the agreement 108, and to prevent fraud. This is 
particularly true of credit card numbers and similar authorization 
sources 402... 

...s computer memory and/or network connections. The illustrated signal 700 
includes one or more authorization sources 702, such as a credit 
card number, charge card number, smart card identifier, other card 
identifier, and/or checking account number. The illustrated signal 700 
also includes... 
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E/ Method and apparatus for remotely administered authentication and access 
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Fulltext Word Count: 13311 

Description of the Invention: 

...cables. Network terminal 202 sends a startup request to 
authentication manager 204 that includes a unique identifier that may 
correspond to a user. Such an identifier may originate from a token (a... 

...if a user is at a terminal 202 that requires payment every 10 minutes, 
an authentication module 240 may debit a cash card every 1 0 minutes 
until the cash card is empty at which point a session may... 

...contained in authentication database 218 may be used to identify the 
server, port and session identifier ( ID ) for session manager 206. 
Session manager 206 is a program that is active on a...an authentication 
module 240) for communicating with session manager 206. The sessionID 
field contains a unique identifier for session manager 206. If 
authentication is successful, the sessionHost, sessionPort and sessionID 
fields are... 

...for a mondex card token. Such key-value pairs may be followed by a token 
identifier such as " ID =TOKENID343234234" wherein the key is "ID" and 
the value for the key is "TOKENID343234234". In... 
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Fulltext Word Count: 50606 

Description of the Invention: 

...by the Electronic Digital Content Store(s) 103 and what parts are 
retained in the embedded Metadata SC(s) 620... 

...Digest Algorithm ID —An identifier of the algorithm used to compute 
the digests of the parts... 

...Digital Signature Alg ID -An identifier of the algorithm used to 
encrypt the digest of the concatenated part digests. This encrypted... 
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Fulltext Word Count: 5938 

Description of the Invention: 

...or not debited), other data 204 indicative of other user data, and 
user sequence number ( ID ( identifier ) of the transaction history) 205 


...After the operation of the step 700 upon payment in the credit member 
store, the card user can confirm and rearrange the contents of the IC 
card 120 and also can collate it with... 
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...collated with the charged amount data possessed by the credit company, 
the user of the credit card can quickly confirm its due-payment 
date, judge an undue charge for a purchase not actually done by... 
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Fulltext Word Count: 35960 

Description of the Invention: 

... id : The unique identifier of the target DXC instance. This is 
a number generated by De finer whenever a new... 

...One-line Credit card authorization 
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Fulltext Word Count: 57810 
Description of the Invention: 

...records in the BOM along with the records for each part. The SC(s) 
type determines which records need to be included... 

...0397] Digest Algorithm ID -An identifier of the algorithm used to 
compute the digests of the parts... 

...0398] Digital Signature Alg ID -An identifier of the algorithm used 
to encrypt the digest of the concatenated part digests. This encrypted... 
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Fulltext Word Count: 11390 

Summary of the Invention: 

...corresponding connection for the HOL token of the packet queue by 
referring to the connection identifier ( ID ) and the size of credit 
stored in the token. The HOL packet of the queue... 
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...the size of the HOL packet is equal to or less than that of the credit 
of the HOL token , and otherwise, the credit is added to a confirmed 

credit and a credit of the size of the available credit is stored again 
in... 
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Fulltext Word Count: 61 197 

Description of the Invention: 

...0750] "Request ID": identifier of the Quote Request... 

...0766] "Request ID": identifier of the Quote Request for which Quote 
Response is submitted... 

...0767] "Quote ID": identifier of the Quote Response...0810] 
"Payload ID ": the identifier of a previously communicated payload... 
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Description of the Invention: 

...Next, the system performs a credit card authorization , or some 
other payment transaction, to receive payment from user 102 for license 
108 (step... 

...Finally, the license number is created by concatenating the rotated 
encoded string with the rotated permutation identifier (step 520... 

...license is not copied and used by multiple people. Note that any other 
type of identification with a unique identifier can be used instead 
of photo ID 209. For example, a social security card, a... 
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Summary of the Invention: 

...0014] In another aspect of the invention, the client may include 
their PIN (Personal Identification Number), or some other identifier 
depending on the chosen method of payment, as part of the credit card 
information sent to the credit card company/ authorization agent. 
The inclusion of the PIN acts a method of verification of the transaction 
and... 
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Description of the Invention: 

...administrative division. The confirmation contains the particulars 
of the transaction such as product identifiers, locality identifiers , 
price, quantity, time allotments, buyer ID and credit information and 
password for the purchase (which is not on the buyer's... 

...up point, the purchaser must present identification such as an ID Card, 
the e-mail confirmation or debit card containing the information 
and the purchaser must know the password which they choose for that... 


22/3,K/17 (Item 12 from file: 654) 

DIALOG(R)File 654:US PAT.FULL. 

(c) Format only 2009 Dialog. All rts. reserv. 

4789417 

Derwent Accession: 2001-539130 
Utility 

M/ Payment management method and system using an IC card 

Inventor: Morooka, Yoshitsugu, Kawasaki, JP 

Umezawa, Tomohiro, Kawasaki, JP 

Hino, Masatoshi, Zama, JP 
Assignee: Hitachi, Ltd.(03), Tokyo, JP 

Hitachi Ltd JP (Code: 39224) 
Examiner: Freeh, Karl D. (Art Unit: 286) 
Assistant Examiner: Lee, Seung Ho 
Law Firm: Mattingly, Stanger & Malur, P.C. 

Publication Application Filing 

Number Kind Date Number Date 


MainPatent US 6488204 A 20021203 US 2000648614 20000828 


Fulltext Word Count: 6197 
Description of the Invention: 

...or not debited), other data 204 indicative of other user data, and 
user sequence number ( ID ( identifier ) of the transaction history) 205 


...After the operation of the step 700 upon payment in the credit member 
store, the card user can confirm and rearrange the contents of the IC 
card 120 and also can collate it with... 


Provisional 
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Priority 
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...collated with the charged amount data possessed by the credit company, 
the user of the credit card can quickly confirm its due-payment 
date, judge an undue charge for a purchase not actually done by... 
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Description of the Invention: 

... id " portion specifies the unique shopper identifier . Lastly, 
the "template.html" portion is the name of the HTML template to use to... 

...A purchase.html page presents the order total and provides a form for 
entry of credit card payment information. To confirm purchases, a 
confirmed.html page presents a message confirming completion of the 
purchase transaction. Similarly... 

... id " portion specifies the unique shopper identifier . Lastly, the 
"module.action" portion identifies the action to execute and the 
"argl=valuel; arg2 


22/3,K/19 (Item 14 from file: 654) 

DIALOG(R)File 654:US PAT.FULL. 

(c) Format only 2009 Dialog. All rts. reserv. 

4773212 **IMAGE Available 
Derwent Accession: 2000-423073 
Utility 

REASSIGNED 


EIC3600 SEARCH RESULTS 


182 


5/6/2009 


E/ Electronic commerce using a transaction network 

Inventor: Cockrill, Michael P., Redmond, WA 

Bryant, William K., Seattle, WA 

Franklin, D. Chase, Seattle, WA 

McNeely, Mark H., Mercer Island, WA 

Ryan, Timothy J., Woodinville, WA 

Sweet, Andrew P., Renton, WA 

Siadek, Steven J., Seattle, WA 

Faith, Jr., Ronald R., Bothell, WA 

Goris, J. Mark, Seattle, WA 

Malek, Thor A., Sultan, WA 
Assignee: QPASS, Inc.(02), Seattle, WA 

QPASS Inc 
Examiner: Millin, Vincent (Art Unit: 364) 
Assistant Examiner: Akers, Geoffrey 
Law Firm: Leydig, Voit & Mayer, Ltd. 

Publication Application Filing 

Number Kind Date Number Date 


MainPatent US 6473740 A 20021029 US 9820131 1 19981129 


Fulltext Word Count: 10208 

Description of the Invention: 

...In a further embodiment, during registration, the network permits 
the customer to provide a member identifier that is not unique among 
all of the customers of the network. In this embodiment, the network 
stores a unique identifier for the customer, along with the member 
identifier specified by the customer, in a cookie... 

...When the customer subsequently authenticates by providing the member 
identifier, the network uses the member identifier to find the unique 
identifier on the customer's computer system, and uses the member 
identifier together with the unique identifier to authenticate the 
customer. In this way, the network allows customers to use non- unique 
member identifiers . This improves the customer experience for all 
customers, as it enables them to choose a... 

...This is especially valuable where the network has a large number of 
customers. Facilitating non- unique member identifiers also permits 
the operator of the network to "absorb" or "import" existing groups of 
customers... 

...collected member identifier. In step 903, the network extracts from the 
read customer cookie a unique identifier for the user stored in the 
customer cookie by the network. In one preferred embodiment, this unique 
identifier is the user's email address, or other information specific 
to the domain of the user. In step 904, if the combination of the 
collected user name and the extracted unique identifier correspond to 
a customer entry in the customer database, then the network continues in 
step... 

...fields 1209, and a shared secret field 1210. It should be noted that the 
member ID 1208 may be any member identifier selected by the user, and 
does not need to be unique across the network. After... 
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...step 1 103, the network verifies the entered payment information. In 
doing so, the network preferably determines whether the credit card 
number is valid, and whether the personal information collected matches 
the credit card number. As part of determining whether the credit 
card is valid and active, the network may further attempt to obtain 
authorization to charge a... 

...to ensure that the credit card is active. The network may further 
utilize third party credit card verification or fraud detection 
services in performing step 1 103. If verification of payment information 
fails, the... 

...stores on the customer system a customer cookie identifying the customer 
by user name and unique identifier (preferably email address). In 
step 806, the network stores on the customer computer system a... 

...continues in step 1906. In step 1905, the network generates a payment 
request for the determined sum against the credit card , or other 
form of payment, of the customer. In a preferred embodiment, the 
generated payment... 


22/3,K/20 (Item 15 from file: 654) 

DIALOG(R)File 654:US PAT.FULL. 

(c) Format only 2009 Dialog. All rts. reserv. 

4766851 **IMAGE Available 
Derwent Accession: 1998-542895 
Utility 

M/ Countable electronic monetary system and method 

Inventor: Teicher, Mordechai, Hod-Hasharon, IL 

Assignee: Cardis Enterprise international N.V.(03), Curacao, NL 

Cardis Enteiprise International N V NL 
Examiner: Lee, Michael G. (Art Unit: 286) 
Assistant Examiner: Walsh, Daniel 
Law Firm: Eitan, Pearl, Latzer & Cohen-Zedek 

Publication Application Filing 

Number Kind Date Number Date 


Main Patent US 6467685 A 20021022 US 2000522019 20000309 
CIP US 6119946 A US 9850388 19980330 

Priority IL 120585 19970401 


Fulltext Word Count: 23454 

Description of the Invention: 

...consumers for payment. Payment card 2 is either in the well-known 
form of a credit - card like plastic card with an embedded chip, or 
in any other form, such as key-chain, toll-payment transponder, or part 
...In general, also, a received electronic cash file contains transaction 
records with a transferring device identification field which contains 
the identifier for the device that transferred the electronic cash. 
Transferring devices include, but are not limited... 
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Fulltext Word Count: 5765 

Description of the Invention: 

...Phoenix, Ariz. Common functionality associated with such servers 
includes passenger email service, duty free shopping, credit card 
authentication , electronic books, cached web browsing, and the like. 
Data loading functionality may be accomplished with... 

...Such an entry may contain the serial number of the data update (which 
may include unique identifiers ), effective dates, version numbers, 
and the like. Additionally, system server 102 may send a status... 

...system server 102 of the successful load by sending information such as 
the data update identifier , version number, user identification , date 
loaded and/or load status of the load. Outdated data update files may 
also... 
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Fulltext Word Count: 8769 

Description of the Invention: 

...parameters or configurations and past service), and product 
ownership. Parameters that are saved include vehicle identifier 
numbers, module identification information, module software revision 
information, and very specific product or component configuration 
information and performance... 

...administrator and the assigned users and their authorization level, and 
electronic commerce interfacing such as credit card purchasing and 
authorizing ); and (5) communications (e.g., ability to transfer data 
packets using Hyper-Text Transfer Protocol. .PC for use only on the 
pre-determined module 12. The encryption shall include a unique module 
related identifier (s) as "seed values" for the encryption calculations. 
The purpose of the encryption is to... 
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Fulltext Word Count: 13281 

Description of the Invention: 

...a DLL file having a class factory to produce an instance of the 
class). Class identifiers are 128-bit globally unique identifiers 
("GUIDs") that the programmer creates with a COM+ service named 
"CoCreateGUID" (or any of several other APIs and utilities that are used 
to create universally unique identifiers ) and assigns to the 


EIC3600 SEARCH RESULTS 


186 


5/6/2009 


respective classes. The interfaces of a component additionally are 
associated with... 

...the listener 152 (FIG. 2). Also, a "Queue BLOB" attribute contains MSMQ 
names (as globally unique identifier (GUID) format names) of a set of 
queues relating to the COM+ Application. ("BLOB" is... 

...will be used with queued method invocations by specifying "queue:/new:" 
followed by the program ID or string-form globally unique identifier 
(GUID) of the queued component as the "displayname" parameter of the 
"CoGetObject( )" API call. In...by the client application to give 
priority processing to particular operations, such as to prioritize 
credit card authorizations over check processing in a banking 
application. The message ID identifies the individual message. The... 
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Fulltext Word Count: 19741 

Description of the Invention: 

...the data template record 207. The registration template record 207 
includes several fields: an Company- ID field which holds the company- 
identifier portion of a universal product code in EAN format; a URL 
field which holds the. ..invoicing module 507 including shipping 
information supplied by the customer using HTML forms; it may verify 
and accept credit card information and transmit that to the invoicing 
module 507 so that the actual credit card... 
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Fulltext Word Count: 11324 

Description of the Invention: 

...step 116 when the predetermined relationship is lacking 
or-otherwise-, for example when the company identifier (company ID ) 
is the same as the second identifier A2 that is formed, a branch is made 


...distinction is made between master card and successor cards, the 
difference is only that the master card is the first card authorized 
by the postage meter machine and is automatically given the number 001. 
Otherwise, the structure... 

...from a cost center menu sub-point provided therefor by allocating--after 
insertion of the master card and selection of the authorization 

function— an arbitrary successor card to an existing or newly defined 
cost center or group... 

...table ensues for the master card. The postage meter machine is blocked 
without an inserted master card exhibiting said authorization 
function. For example, the following table is present in the postage 
meter machine for the... 
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Description of the Invention: 

...The Content Identification Layer 503 allows for the verification 
of the copyright and the identity of the content purchaser. The content's 
copyright information.. .Digest Algorithm ID —An identifier of the 
algorithm used to compute the digests of the parts... 

...Digital Signature Alg ID —An identifier of the algorithm used to 
encrypt the digest of the concatenated part digests. This encrypted... 
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Fulltext Word Count: 48841 
Description of the Invention: 

...input into the Work Flow Manager 154 Tool along with the Content 
Provider(s)' 101 unique identifier for the Content 113... 

...s)' Database 160 by the Content information Processing Subsystem using 
the Content Provider(s)' 101 unique identifier for the Content 113 
and information provided by the Database Mapping Template... 

...138 Once the Electronic Digital Content Store(s) 103 receives the 
credit card authorization number back from the credit card 
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clearing organization, it stores this into a database and invokes the SC 
Packer Tool to.. .record in the Key Description part includes an encrypted 
symmetric key and the encryption algorithm identifier of the symmetric 
key that was used to encrypt the encrypted part... 
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Description of the Invention: 

...point provided for that purpose. After insertion of the master card 
and selection of the authorization function, an arbitrary successor 
card is allocated to an existing or newly defined cost center... 

...table ensues for the master card. The postage meter machine is blocked 
without an inserted master card exhibiting the authorization 
function... 
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Fulltext Word Count: 22104 
Description of the Invention: 

...An identifier is a "globally unique identifier " if it maps to 
at most one thing in the world. An identifier is a... 

...a sheet or sticker of paper or a document, bears visible or invisible 
markings that encode an identifier of the substrate and, in some 
cases, can also encode locations or zones within the... 

...2. Encoding Action/Medium Identifiers 


...A wide variety of techniques could be used to encodeO and decode 
action/medium identifiers into and from machine-readable markings... 

...pointer precisely relative to the whole page. The processing circuitry 
can also decode the page- identifier and the page- id -code and can then 
provde these two items of data, along with a location code... 

...Various other techniques could be employed for encoding and decoding 
action/medium identifiers . 

...sheet can be processed through a specialized printing procedure which 
(1) assigns a fresh page- identifier (and possibly page- id -code) to 
the sheet, and (2) prints in UV ink machine-readable markings encoding 
the page- identifier (and possibly page- id -code) on the surface of the 
sheet... 

...markings are durable, do not interfere with visible printed marks, and 
permit recovery of page- identifiers , page- id -codes, and location 
codes... 

...an encoded representation of a page- identifier , i.e. an item of data 
whose value uniquely identifies the page, within cell border... 

...first set of markings 208 over part of the interior of cell 202 provides 
an encoded representation of a page- identifier , while a second set of 
markings 210 over a smaller part of the interior of... 

...incorporated herein by reference. Here, a first set of glyphs (markings) 
in upper section 402 encodes a page- identifier and a second set in 
lower section 404 encodes a location code (loc). Each glyph... 

...coordinates as described above. FIG. 6B shows an exemplary zone or cell, 
with a page- identifier encoded in the center of the cell in 
alphanumeric characters and with a location code encoded... 
Machine -readable markings could encode information in various other ways. 
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For example, rather than encoding a page identifier with location 
codes over a large region of a page as suggested above, encoded 
location identifiers could occupy relatively small regions and could be 
positioned only in certain active positions or... 

...The encoded location identifiers in a non-positional implementation 
could, for example, be DataGlyph address space fragments of the... 

...For a multipage document, a non-positional implementation could also 
provide a unique document identifier that is encoded in 
machine-readable markings on each page of the document, making a 
page-identifier unnecessary. The document identifier could be encoded 
in each active position or region together with the position identifier 
, or it could be encoded separately in markings that could be at the 
bottom of the page. Alternatively, the document identifier could be 
encoded only once, such as on a cover page of the document... 

...In use, processing device 602 extracts from the image data the encoded 
page- identifier and page-location data to obtain an item of data 
(<pid, loc>) and... 

...A pointer as described above can have additional memory storing a 
unique pointer identifier , which the pointer can transmit along with 
an action/medium identifier such as a <... 

...or provide identification in advance. The programmable memory can 
include a fax number and a credit card number or other payment 
authorization code. When the user clicks or clips an article, these 
items are also transmited, so... 

...As noted above, a non-positional implementation could alternatively 
encode the document identifier with the action identifier at each 
active position or region. If the action identifiers of different 
documents are in distinct ranges or sets of values, no further encoding 
is necessary because the action identifiers implicitly encode 
document identifiers . If a document identifier is encoded , 
implicitly or explicitly, with the action identifier at an active 
position or region, a single... 

...confetti", could be made from a coded substrate. In particular, each 
sticker can have a unique sticker identifier . The stickers can be 
used to add multimedia links to a piece of conventional paper.. .It should 
be noted here that the idea of privately encoding the page identifiers 
does not strictly require the coded substrate medium. It could also be 
implemented via conventional... 

...Implementations described above use DataGlyphs to encode action/medium 
identifiers , but various other machine-readable markings could be used. 
For visually nonobstructive markings, it is... 

...Implementations described above use action/medium identifiers of 
several different types, including globally unique page identifiers 

and sticker identifiers , page identifiers paired with location 
identifiers, document identifiers paired with action identifiers, and so 
forth... 
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Utility 

CERTIFICATE OF CORRECTION 

E/ Secure interactive electronic account statement delivery system 

Inventor: Powar, William L., Palo Alto, CA 

Assignee: Visa International Service Assoc iation(02), Foster City, CA 

Visa International Seivice Association 
Examiner: Barron, Jr., Gilberto (Art Unit: 212) 
Law Firm: Beyer Weaver & Thomas, LLP 

Publication Application Filing 
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Fulltext Word Count: 12263 

Description of the Invention: 

...Bank ID 300 is a unique identifier that identifies the 
certificated bank to which the certificate is being issued within the 
electronic... 

...Customer ID 400 is a unique identifier with respect to the issuing 
certificated bank that uniquely identifies the customer to whom customer 


...with biller ID 500 and biller public key 505, respectively. Biller ID 
500, like customer ID 400, is a unique identifier with respect to 
the issuing certificated bank that uniquely identifies the biller to whom 
biller... 

...system in a manner analogous to the way in which payment card systems 
(such as Visa , MasterCard , etc.) authorize merchants to display 
system logos to communicate that they accept payment cards issued by 
those... 


22/3,K/31 (Item 26 from file: 654) 

DIALOG(R)File 654:US PAT.FULL. 

(c) Format only 2009 Dialog. All rts. reserv. 
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Assistant Examiner: Hayes, John W. 

Combined Principal Attorneys: Meyers, Steven J.; Shofi, David M.Fleit, 
Kain, Gibbons, Gutman & Bongini P. L. 

Publication Application Filing 
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Fulltext Word Count: 47302 

Description of the Invention: 

...138 Once the Electronic Digital Content Store(s) 103 receives the 
credit card authorization number back from the credit card 
clearing organization, it stores this into a database and invokes the SC 
Packer Tool to. ..A Key Identifier of the public encryption key that was 
used to encrypt the symmetric key. This field... 

...Digital Content Store(s) 103 download the Metadata SC(s) 620, for which 
they are authorized , and build Offer SC(s) 641. In short, an Offer 
SC(s) 641 consists of... 

...Digest Algorithm ID --An identifier of the algorithm used to compute 
the digests of the parts... 

...Digital Signature Alg ID -An identifier of the algorithm used to 
encrypt the digest of the concatenated part digests. This encrypted... 
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Utility 

REASSIGNED, CERTIFICATE OF CORRECTION 
REISSUE REQUESTED **See File 123 for details 
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Fulltext Word Count: 8744 


Description of the Invention: 

...payment, to the payment system 10. Typically, this may be done by 
using a conventional authorization to charge a credit card . The 
pay-in selection is not encoded in or directly derivable from the 
cardnumber... 

...validity of the buyer's credit card number, e.g. pay-in selection 108B, 
to determine whether the credit card is lost, stolen, expired, 
overlimit, etc.. .number, Internet e-mail address 104, and the currency 
preference 112, language, and preferred account identifier ID . 
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Assignee: Unassigned 
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Examiner: Swann, Tod R. (Art Unit: 277) 
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Publication Application Filing 
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Fulltext Word Count: 10950 

Summary of the Invention: 

...a transaction amount and other parameters such as a standard 
industrial code (SIC), a merchant identifier (MID) and an acquiring 
bank identification number (BIN... 

...through a card company 110 (e.g., MasterCard(R), VISA(R), Discover 
Card(R) or American Express (R)) prior to reaching authorizing agent 
1 12 for comparison of account parameters. Authorizing agent 1 12 compares 
the transaction parameters for... 

...the quotation process, an acceptable variance or deviation range from 
the quotation amount, a merchant identifier (MID) or an acquiring bank 
identification number (BIN) are dispatched to the card issuer. It should 
be pointed out that in... 
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Description of the Invention: 

...It should also be appreciated that the functions of the " bank 
card association," " authorizing agent," "card issuer," and the sponsor 
of an "authorization web page" may be one or... 

...the quotation process, an acceptable variance, or deviation range from 
the quotation amount, a merchant identifier (MID) and an acquiring bank 
identification number (BIN) are dispatched to card issuer 214. It 
should be pointed out that in... 

...permitting the inclusion of sales tax with the quoted transaction 
amount, while leaving the merchant identifier and acquiring bank 
identification number unspecified, thereby permitting an account user to 
seek out the goods or services of... 

...number 504, merchant information 506 a transaction amount 508 and a 
transaction identifier 510. Transaction identifier 510, by containing 
descriptive information unique to the transaction enables an account 
manager to quickly identify a corresponding authorization document for... 
708 performs a traditional authorization request which in a step 710 
passes through an acquiring bank , a bank card association to an 
authorizing agent. The authorizing agent thereupon performs an 
authorization with the account number and any other... 
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Fulltext Word Count: 11690 

Summary of the Invention: 

...a retail credit card, a smart card, or others as set forth 
hereinafter. The numeric identifier of such portable personnel 
identification means is previously derived in accordance with the 
teachings of the present invention and then... 

...identification of an individual submitting him or herself for 
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identification for the purpose of: retail credit card purchases, 
authorized entry, check cashing, obtaining a driver's license, showing 
proof of age via a driver... 

...of the digit print image, and this digitized numerical identifier is 
compared with a numerical identifier read from an identification card 
means identifying the person to be identified, to verify the identity of 
that person... 

...identification cards, as exemplified by the provision disclosed herein 
of a non-minutiae digitized numerical identifier having 24 bytes of 
fingerprint identification data... 

...card personal to the person and therefore, the present invention 
facilitates the use of a credit card as a verifiable identification 
card for entitling the user to certain services such as charged purchases 
and check... 

Description of the Invention: 

...magnetic stripe) which contains his or her encrypted verification 
data (i.e., encrypted digitized numerical identifier ), the 
identification card is then placed in the card reader for retrieval and 
decryption of the "comparison... 

...the confines of a portable personnel identification means, personal to a 
person, such as a credit card or a smart card; identity verification 
of a person to be identified with or without an encryption scheme; and 
payable check... 

...identifiers indicative of the fingerprints of such persons, and 
recording the non-minutiae digitized numerical identifiers within 
identification means, personal to such persons; or (2) performing such a 
service but providing the derived... 

...indicative of a fingerprint of a person submitting the check for 
cashing, with the numerical identifier contained within a portable 
personnel identification means submitted by such person for 
identification as the check payee of the check payable... 

...application of the present invention, where verification of identity is 
accomplished by comparing the numerical identifier of identification 
means with the non-minutiae digitized numerical identifier derived from a 
fingerprint of such person... 
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Utility 

M/ Postage meter machine with a chip card write/read unit and method for 
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Fulllext Word Count: 7326 

Description of the Invention: 

...security tokens. Currently, smart cards have the approximate look 
and feel of a standard plastic bank card . However, the smart card is 
embedded with a secure (tamper-resistant) silicon chip. The smart card 
holds information in electronic form... 

...FIG. 1 depicts the preferred embodiment of the disclosed methodology for 
providing fingerprints authentication via a credit card form 
factor. A card 102 (with a credit card form factor) is partially inserted 
into... 

...transmitting an identifier stored in said module which uniquely 
identifies said module; entering a personal identification number; 
checking said identifier , personal identification information, and 
image against said authentication data... 
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Fulltext Word Count: 7503 

Description of the Invention: 

...101 contains a cryptographic processor. The device may be activated 
through the input of a unique cardholder identifier such as a 
personal identification number (PIN) through the keypad 103. 
Alternatively, the device may include abiometric interface 105... 

...the merchant. The merchant 302 transmits the single-use credit card 
number 300 to a credit card issuer 303. The credit card issuer 
303 returns an authorization 3 10 to the merchant, based on which the 
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merchant delivers the desired goods or services... 

...to the merchant (step 361), and the merchant enters the single-use 
number into an authorization terminal connected to a central credit 
card processing system maintained by the credit card issuer (step 362). 
A check digit may be... 

...number to prevent the incorrect keying of the number. The number is sent 
to the credit card processing system for authorization (step 363). 
The central system processor maps the single-use credit card number onto 
a conventional credit card account and determines whether the 
transaction is authorized (step 380); if so, the central system returns 
an authorization... 
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Fulltext Word Count: 14048 

Description of the Invention: 

...User is an individual in possession of an NC smart card 102. An 
ENTERPRISE[sub]~ ID is a unique identifier for either an ISP 109 
or corporate client... registration page, and to establish a user 
password, if desired. At step 3005, the ISP determines whether the 
user's credit card is valid. If not, it stops. If the credit card is 
valid at step 3006... 
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Dynamically changing system for fulfilling concealed value gift certificate 
obligations 
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Fulltext Word Count: 9378 

Description of the Invention: 

... Authorization code 86 includes the credit card authorization 

code obtained by the gift certificate issuer for both pre- and post-paid 
gift certificates... 

...12 receives a log-on message from the buyer including the buyer's name 
and identifier ( ID ) (if the buyer is not a first time user). Central 
controller 12 queries buyer database... 

...information such as the credit card number and amount of transaction are 
transmitted to a credit card issuer for authorization (step 136) of 
the gift certificate value. Such communication is accomplished through a 
conventional credit 
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Description of the Invention: 

...step 116 when the predetermined relationship is lacking 
or— otherwise— , for example when the company identifier (company ID) 
is Ihe same as the second identifier A2 that is formed, a branch is made 


...distinction is made between master card and successor cards, the 
difference is only that the master card is the first card authorized 
by the postage meter machine and is automatically given the number 001 . 
Otherwise, the structure... 

...from a cost center menu sub-point provided therefor by allocating~after 
insertion of the master card and selection of the authorization 
function-an arbitrary successor card to an existing or newly defined 
cost center or group... 

...table ensues for the master card. The postage meter machine is blocked 
without an inserted master card exhibiting said authorization 

function. For example, the following table is present in the postage 
meter machine for the... 
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Description of the Invention: 

...an affinity group. Affinity group ID field 310 is a key field and 
stores a unique affinity group identifier . Sponsor field 312 stores 
the name of the sponsor of the affinity group. Address element... 

...Account ID field 410 stores a unique account identifier . Account ID 
field 410 is assigned by the credit card issuer to uniquely identify an 
account of a card holder. In the present embodiment, the unique account 
identifier will be a standard 16 digit credit card account number... 

...an affinity group. The fields of group target/reward table 500 are 
populated with values determined by the credit card issuer. The 
steps for determining these values are described in more detail with 
reference to FIG. 7... 

...merchant ID field 612; transaction amount field 614; date field 616; 
time field 618; and credit card authorization number 622. 
Transaction table 600 may be used to analyze the account activity of each 
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Description of the Invention: 
...consumers for payment. Payment card 2 is either in the well-known 
form of a credit - card -like plastic card with an embedded chip, or 
in any other form, such as key-chain, toll-payment transponder, or part 
...In general, also, a received electronic cash file contains transaction 
records with a transferring device identification field which contains 
the identifier for the device that transferred the electronic cash. 
Transferring devices include, but are not limited... 
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Description of the Invention: 

...step 116 when the predetermined relationship is lacking 
or-otherwise-, for example when the company identifier (company ID ) 
is the same as the second identifier A2 that is formed, a branch is made 


...distinction is made between master card and successor cards, the 
difference is only that the master card is the first card authorized 
by the postage meter machine and is automatically given the number 001 . 
Otherwise, the structure... 

...from a cost center menu sub-point provided therefor by allocating-after 
insertion of the master card and selection of the authorization 

function— an arbitrary successor card to an existing or newly defined 
cost center or group... 

...table ensues for the master card. The postage meter machine is blocked 
without an inserted master card exhibiting said authorization 
function. For example, the following table is present in the postage 
meter machine for the... 
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Description of the Invention: 

...User is an individual in possession of an NC smart card 102. An 
ENTERPRISE[sub]- ID is a unique identifier for either an ISP 109 
or corporate client. ..registration page, and to establish a user 
password, if desired. At step 3005, the ISP determines whether the 
user's credit card is valid. If not, it stops. If the credit card is 
valid at step 3006... 
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...utilize the purchasing capabilities of the licensing and purchasing 
broker. The library function provides a unique transaction identifier 
that can be used to identify the particular purchase transaction at a 
further time. Such... 

...licensing code accordingly. One skilled in the art will recognize that 
any mechanism for is authorizing use of a credit card could be 
used. In step 1204, the customer's credit card account is charged, and... 

...product version identifier (the Products KUld) to retrieve from a version 
table a corresponding password configuration identifier (pass-config- 
id ). Once the pass-config-id is retrieved from the version password 
generation data repository table... 
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Customer identification and marketing analysis systems 
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Assistant Examiner: Kanof, Pedro R. 
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Fulltext Word Count: 8571 

Description of the Invention: 

...Devices similar to the identification terminal 15 are in use for 
credit card transactions, check verification , and privately issued 
card reading, data capture, and data communications. Card reader 9 may be 


...record also includes the consumer's birth date 22, which is also taken 
from the identification card 16. Further, a terminal identifier 
number 23, which is unique to the terminal, is made part of the 
identification data record. This information can be... 


22/3,K/46 (Item 41 from file: 654) 

DIALOG(R)File 654:US PAT.FULL. 

(c) Format only 2009 Dialog. All rts. reserv. 

4322885 **IMAGE Available 
Derwent Accession: 2000-610540 


EIC3600 SEARCH RESULTS 


205 


5/6/2009 


Utility 
EXPIRED 

E/ Data processing system including transaction authorization device 

Inventor: Thomas, Harold K., 944 S. 21st St., Mesa, AZ, 85204 
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Examiner: MacDonald, Allen R. (Art Unit: 275) 
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Publication Application Filing 
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US 8785569 19870817 


Fulltext Word Count: 4899 


Description of the Invention: 

...the rightful possessor of the transaction card 13 enters, as 
indicated by line 25, an identifier 26 (e.g., Personal Identification 
Number or "PIN") by means of the data-entry component 1 8 into the logic 
memory... 

...the same TAD can be programmed with PIN's and other transaction-specific 
data and authorization data relating to several credit card 
accounts, several debit accounts, several phone accounts and similar 
data relating to a wide variety of other transactions... 

...This concept of separating the bank card function from the 
authorization function into separate cards, provides an off-line 
authorization system without disturbing the present credit card 
infrastructure... 


...unrestricted TAD, purchases can be processed in the normal manner using 
the customer's conventional bank card , and obtaining an off-line 
authorization by means of the customer's supersmart card... 
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Publication Application Filing 

Number Kind Dale Number Date 
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CIP US 5754762 A US 97782063 19970113 


Fulllext Word Count: 8199 

Summary of the Invention: 

...capability of magnetically storing information, has more recently 
emerged as a valuable product for facilitating financial sen-ices 
primarily. Cards with an IC microprocessor embedded inside and with 
external contacts for communication with an interface device are known 
commonly as... 

...which is the logical opposite of an identifier is used. The conventional 
use of an identifier requires that an AND identification exist in 
order to allow a program to be run. In the disclosure of Cieronimi... 
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System and method for pre-authorization of individual account transactions 

Inventor: Watson, Craig, Sandy, UT 

Assignee: GE Capital(02), UT 

Examiner: MacDonald, Allen R. (Art Unit: 277) 

Assistant Examiner: Myhre, James W. 

Law Firm: Workman, Nydegger & Seeley 

Publication Application Filing 

Number Kind Date Number Date 
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Fulltext Word Count: 8940 

Summary of the Invention: 

...a transaction amount and other parameters such as a standard 
industrial code (SIC), a merchant identifier (MID) and an acquiring 
bank identification number (BIN... 

...through a card company 1 10 (e.g., MasterCard(R), VISA(R), Discover 
Card(R) or American Express (R)) prior to reaching authorizing agent 
1 12 for comparison of account parameters. Authorizing agent 1 12 compares 
the transaction parameters for... 

...the quotation process, an acceptable variance or deviation range from 
the quotation amount, a merchant identifier (MID) or an acquiring bank 
identification number (BIN) are dispatched to the card issuer. It should 
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be pointed out that in... 
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M/ Electronic shopping and merchandising system 
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Examiner: Tkacs, Stephen R. (Ail Unit: 271) 
Law Firm: Lee & Hayes, PLLC 
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Fulltext Word Count: 15038 

Description of the Invention: 

...the store, in addition to the directories where the template files 
reside. The "shopper[ sub]-- id " portion specifies the unique shopper 
identifier . Lastly, the "template.html" portion is the name of the HTML 
template to use to... 

...A purchase.html page presents the order total and provides a form for 
entry of credit card payment information. To confirm purchases, a 
confirmed.html page presents a message confirming completion of the 
purchase transaction. Similarly... 
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over the internet 
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First Virtual Holdings Inc 
Examiner: Hayes, Gail O. (Art Unit: 271) 
Assistant Examiner: Groutt, Phillip 
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Fulltext Word Count: 1 1 142 

Description of the Invention: 

...payment, to the payment system 10. Typically, this may be done by 
using a conventional authorization to charge a credit card . The 
pay-in selection is not encoded in or directly derivable from the 
cardnumber... 

...validity of the buyer's credit card number, e.g. pay-in selection 108B, 
to determine whether the credit card is lost, stolen, expired, 
overlimit, etc.. .number, Internet e-mail address 104, and the currency 
preference 112, language, and preferred account identifier ID . 
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Derwent Accession: 1998-377132 
Utility 

CERTIFICATE OF CORRECTION 

E/ System and method for mapping driver level event function calls from a 
process-based driver level program to a session-based instrumentation 
control driver level system 

; COMPUTER-READABLE STORAGE MEDIA 

Inventor: Mondrik, Dan, Austin, TX 

DeKey, Samson, Austin, TX 

Andrade, Hugo, Austin, TX 
Assignee: National Instruments Corporation(02), Austin, TX 

National Instruments Corp (Code: 44437) 
Examiner: Auve, Glenn A. (Art Unit: 271) 
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Description of the Invention: 

...purpose of the isetintr function call is to enable specific 
interrupts within the system. The id parameter is a session identifier 
returned from an iopen() call or an igetintfsess() call in the SICL 
Driver level library... 

...step 408, then in step 410 the method calls the VISA operation 
viDisableEvent with the VISA event type determined in step 404 and 
operation completes. Thus, a secval of O disables the interrupt. If... 

...method calls the VISA operation viEnableEvent with VI[sub]— HNDLR as a 
parameter and the VISA event type determined in step 404. If the 
ionintr SICL function is determined to have not been called... 

...the VISA operation viEnableEvent with VI[sub]- SUSPEND[sub]- HNDLR 
a parameter and the VISA event type determined in step 404. 
Therefore, when the secval parameter is 0, interrupts are disabled. If 
the... 

...The ionintr function call includes two function parameters, referred to 
as id and proc. The id parameter is a session identifier returned 
from a SICL function call iopenQ or igetintfsess(). The proc parameter 
identifies a procedure... 

...call ionsrq includes two parameters referred to as id and proc. As 
mentioned above, the id parameter is a session identifier returned 
from a SICL function iopen() or igetintfsess(). The proc parameter 
identifies a procedure to... 
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...321,751 describes a system in which image information relating to a 
holder of a credit card is embedded in the card. A photograph of 
the holder is converted to a digital image which... 

...of the present invention, there is provided a method of recording an 
image of a unique personal identifier of a person on an 
identification document, the identification document including a region 
on to which the image is recorded, the... 

...a) capturing an image of the unique personal identifier of the 

person to whom the identification document relates... 

...Preferably, the unique personal identifier comprises an image of the 
person to whom the identification document is issued. However, it... 

...It is preferred that the unique personal identifier may be captured 
using a digital camera. Alternatively, a print, negative or transparency 
bearing an image of the unique personal identifier of the person to 
whom the identification document relates, may be digitally scanned... 

...the present invention, there is provided an identification document 
including a compressed image of a unique personal identifier of a 
person to whom the document relates recorded in a magnetic medium... 
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Description of the Invention: 

...purpose of the isetintr function call is to enable specific 
interrupts within the system. The id parameter is a session identifier 
returned from an iopen.oval-hollow. call or an igetintfsess.oval-hollow. 
call in the... 
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...step 408, then in step 410 the method calls the VISA operation 
viDisableEvent with the VISA event type determined in step 404 and 
operation completes. Thus, a secval of 0 disables the interrupt. If... 

...method calls the VISA operation viEnableEvent with VI[sub]— HNDLR as a 
parameter and the VISA event type determined in step 404. If the 
ionintr SICL function is determined to have not been called... 

...the VISA operation viEnableEvent with VI[sub]- SUSPEND[sub]- HNDLR 
a parameter and the VISA event type determined in step 404. 
Therefore, when the secval parameter is 0, interrupts are disabled. If 
the... 

...The ionintr function call includes two function parameters, referred to 
as id and proc. The id parameter is a session identifier returned 
from a SICL function call iopen.oval-hollow. or 
igetintfsess. oval-hollow.. The proc... 

...call ionsrq includes two parameters referred to as id and proc. As 
mentioned above, the id parameter is a session identifier returned 
from a SICL function iopen.oval-hollow. or igetintfsess.oval-hollow.. The 
proc parameter... 
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Utility 

REASSIGNED, EXPIRED 
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Fulltext Word Count: 5267 

Summary of the Invention: 

...The identifying device may take the shape of a credit card 
having an electronic circuit embedded therein for radiating signals of 
identifying intelligence. An individual possessing the card may position 
it... 

...or power to a portable identifier device, e.g., card, tag, key. In 
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response, the identifier device sends a coded identification signal 
back to the reader. Means must be provided so that the two directions of 
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Fulltext Word Count: 10988 

Summary of the Invention: 

...a retail credit card, a smart card, or others as set forth 
hereinafter. The numeric identifier of such portable personnel 
identification means is previously derived in accordance with the 
teachings of the present invention and then... 

...identification of an individual submitting him or herself for 
identification for the purpose of: retail credit card purchases, 
authorized entry, check cashing, obtaining a driver's license, showing 
proof of age via a driver... 

...of the digit print image, and this digitized numerical identifier is 
compared with a numerical identifier read from an identification card 
means identifying the person to be identified, to verify the identity of 
that person... 

...identification cards, as exemplified by the provision disclosed herein 
of a non-minutiae digitized numerical identifier having 24 bytes of 
fingerprint identification data... 

...card personal to the person and therefore, the present invention 
facilitates the use of a credit card as a verifiable identification 
card for entitling the user to certain services such as charged purchases 
and check... 

Description of the Invention: 
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...magnetic stripe) which contains his or her encrypted verification 
data (i.e., encrypted digitized numerical identifier ), the 
identification card is then placed in the card reader for retrieval and 
decryption of the "comparison... 

...the confines of a portable personnel identification means, personal to a 
person, such as a credit card or a smart card; identity verification 
of a person to be identified with or without an encryption scheme; and 
payable check... 

...identifiers indicative of the fingerprints of such persons, and 
recording the non-minutiae digitized numerical identifiers within 
identification means, personal to such persons; or (2) performing such a 
service but providing the derived... 

...indicative of a fingerprint of a person submitting the check for 
cashing, with the numerical identifier contained within a portable 
personnel identification means submitted by such person for 
identification as the check payee of the check payable... 

...application of the present invention, where verification of identity is 
accomplished by comparing the numerical identifier of identification 
means with the non-minutiae digitized numerical identifier derived from a 
fingerprint of such person... 
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Summary of the Invention: 

...devices in their possession. For example, the identifying device may 
take the shape of a credit card and have an electronic circuit 
embedded therein for radiating signals of identifying intelligence. An 
individual possessing the card may position it... 
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...System", issued Oct. 8, 1985; U.S. Pat. No. 4,580,041 for "Electronic 
Proximity Identification System With Low Power Identifier, 
Simplified", issued Apr. 1, 1986; U.S. Pat. No. 4,600,829 for "Electronic 
Proximity... 

...Angle Detection", issued Mar. 31, 1987; U.S. Pat. No. 4,656,472 for 
"Proximity Identification System With Power Aided Identifier ", issued 
Apr. 7, 1987; and U.S. Pat. No. 4,782,342 for "Proximity Identification 


...time duration between each of said pulses. The combination of the short 
pulses in the identifier signal and the unique configuration of the 
reader antenna give the present invention improved range and data 
transmission reliability... 
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Summary of the Invention: 

...Uses for such systems may include identification of persons having 
identifier sections in their possession. For example, the identifier 
section may take the shape of a credit card and have an electronic 
circuit embedded therein for radiating signals of identifying 
intelligence. An individual possessing the card may position it... 

...System", issued Oct. 8, 1985; U.S. Pat. No. 4,580,041 for "Electronic 
Proximity Identification System With Low Power Identifier, 

Simplified", issued Apr. 1, 1986; U.S. Pat. No. 4,600,829 for "Electronic 
Proximity... 

...Angle Detection", issued Mar. 31, 1987; U.S. Pat. No. 4,656,472 for 
"Proximity Identification System With Power Aided Identifier ", issued 
Apr. 7, 1987; and U.S. Pat. No. 4,782,342 for "Proximity Identification 
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Summary of the Invention: 

...devices in their possession. For example, the identifying device may 
take the shape of a credit card and have an electronic circuit 
embedded therein for radiating signals of identifying intelligence. An 
individual possessing the card may position it... 

...Signal", issued Dec. 10, 1982; U.S. Pat. No. 4,580,041 for "Electronic 
Proximity Identification System with Low Power Identifier , 

Simplified"; U.S. Pat. No. 4,600,829 for "Electronic Proximity 
Identification and Recognition System... 

...can be such that standing wave effects occur. This can interfere with 
the transmission of identification data from the identifier section 
to the reader section... 

...It is therefore an object of the present invention to provide an 
electronic proximity identification system where the identifier 

section can be attached to an object without a reduction in range or 
reliability... 

...It is therefore an advantage of the present invention that it provides 
an electronic proximity identification system where the identifier 

section can be attached to an object without a reduction in range or 
reliability... 
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Derwent Accession: 1986-219864 
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Description of the Invention: 

...customer is issued a PIN and a bank card on which is recorded a user 
identifier ID , a unique secret personal key KP, and other 
information including information that allows a verification value V... 

...the example given in FIG. 2 where n=3, the other information stored on 
the bank card necessary to allow a verification value V to be 
calculated would consist of a 56-bit value selected from each... 

...5,6,7, and 010, represent the necessary information that must be stored 
on the bank card to allow the verification value V to be 
calculated. Referring now to FIG. 3, there is a diagram illustrating... 
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Summary of the Invention: 

...devices in their possession. For example, the identifying device may 
take the shape of a credit card and have an electronic circuit 
embedded therein for radiating signals of identifying intelligence. An 
individual possessing the card may position it... 

...Signal", filed Dec. 10, 1982; U.S. Pat. No. 4,580,041 for "Electronic 
Proximity Identification System with Low Power Identifier , 

Simplified", filed on Dec. 9, 1983; U.S. Pat. No. 4,600,829 for 
"Electronic... 

...It is also an object of the present invention to provide an electronic 
recognition and identification system with a batteiy powered 
identifier which can be recharged when brought in close proximity to the 
reader... 

...an exemplary embodiment of the present invention, the system 
incorporates a reader section and an identifier section. The 
identifier section contains identification data which the reader 
section interrogates for and then receives. The identifier section does 
not... 
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Fulltext Word Count: 3869 

Summary of the Invention: 

...devices in their possession. For example, the identifying device may 
take the shape of a credit card and having an electronic circuit 
embedded therein for radiating signals of identifying intelligence. An 
individual possessing the card may position it... 

...filed on Dec. 10, 1982; U.S. Pat. No. 4,580,041 for "Electronic 
Proximity Identification System With Simplified Low Power Identifier 
," issued Apr. 1, 1986; and U.S. Pat. No. 4,600,829 for "Electronic 
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Proximity... 

...drives a reader antenna. Power is radiated by and from the reader 
antenna to the identifier antenna in the identification section. The 
clock and memory system emit logic value signals which in turn vary the 
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Summary of the Invention: 

...devices in their possession. For example, the identifying device may 
take the shape of a credit card having an electronic circuit 
embedded therein for radiating signals of identifying intelligence. An 
individual possessing the card may position it... 

...receiving in the reader and separate coils for transmitting and 
receiving in the identifier. The identifier is portable and contains 
identification data which the reader receives and interrogates when the 
identifier is inductively coupled to the... 
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Description of the Invention: 

...determine the status of or to transfer funds out of a savings 
account. The FROM CREDIT CARD key is used to determine the status 
of or to transfer funds out of a credit card account. The FROM...C The 
language ID and institution message identifier used with this FIT 
entry... 
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